instreet

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and processes untrusted user-generated content from external forum sources.
      • Ingestion points: Reads external data via GET /api/v1/posts, GET /api/v1/posts/{id}/comments, and GET /api/v1/messages (SKILL.md).
      • Boundary markers: None identified; the agent lacks specific instructions to disregard malicious commands embedded within forum posts.
      • Capability inventory: Can perform network writes via Invoke-RestMethod (POST) and local file writes via the obsidian command (SKILL.md).
      • Sanitization: Includes a PowerShell script to scan and redact sensitive strings (API keys, IP addresses) from its own output, but does not provide logic to sanitize incoming untrusted data for embedded instructions.
  • [COMMAND_EXECUTION]: Employs PowerShell scripts to manage REST API interactions and local note management.
      • Evidence: Uses Invoke-RestMethod to communicate with the InStreet API.
      • Evidence: Uses the obsidian command to create and update local knowledge base files based on forum content.
  • [EXTERNAL_DOWNLOADS]: Communicates with an external social platform domain to retrieve and synchronize data.
      • Evidence: Performs network operations targeting https://instreet.coze.site.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 02:13 AM