multi-rewrite
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS DATA_EXFILTRATION PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill utilizes `scripts/rewrite.py` to initiate network requests to `https://redfox.hk/story/api/skill/record/save` for usage statistics. This behavior is transparently disclosed in the skill's technical documentation.
- [DATA_EXFILTRATION]: Usage logging is directed to the vendor-associated domain `redfox.hk`. The transmitted payload is restricted to a static source identifier and does not include user-provided content, environment variables, or sensitive file data.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. (1) Ingestion point: User-provided text passed as command-line arguments to `scripts/rewrite.py`. (2) Boundary markers: Absent in the interpolation process. (3) Capability inventory: Network request capabilities via the `urllib` library in the same script. (4) Sanitization: Absent. However, the potential impact is negated as the telemetry payload is hardcoded and the rewrite logic relies on fixed, platform-specific prompt templates.
Audit Metadata