trending-hub-top10

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill performs legitimate network operations necessary for its core functionality.
      • It fetches trending data from the vendor's API at redfox.hk using secure POST requests.
      • The HTML report template references the html2canvas library from a well-known public CDN (cdnjs.cloudflare.com), which is a standard practice for generating client-side visual content.
  • [COMMAND_EXECUTION]: The skill executes local scripts and standard system commands to process data.
      • It runs mkdir -p output during installation to prepare the workspace.
      • It executes internal Python scripts (scripts/fetch_hotspot.py and scripts/generate_html_report.py) to retrieve information and render reports.
  • [PROMPT_INJECTION]: As the skill is designed to ingest and summarize trending titles from seven external social media platforms, it inherently possesses a surface for indirect prompt injection.
      • Ingestion points: Data is fetched via scripts/fetch_hotspot.py from platform hotlists.
      • Boundary markers: None explicitly defined in the prompt instructions for the agent when processing the external strings.
      • Capability inventory: The agent summarizes data and generates local JSON/HTML files.
      • Sanitization: Standard string cleaning is performed on the input data.
      • Note: This risk is common to all agents processing live web or social media content and is documented here as a functional characteristic rather than a malicious finding.
  • [SAFE]: The skill adheres to secure credential management practices by instructing users to provide the REDFOX_API_KEY via environment variables rather than hardcoding it in the source code.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 12, 2026, 07:51 PM