trending-hub
Pass
Audited by Gen Agent Trust Hub on Jun 12, 2026
Risk Level: SAFE; EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches hot search data from the vendor's API at https://redfox.hk. The connection logic in scripts/fetch_hotspot.py explicitly disables SSL certificate verification (ssl.CERT_NONE), which is a security best practice violation that could expose data to man-in-the-middle attacks.
- [COMMAND_EXECUTION]: Executes the scripts/fetch_hotspot.py script to process trend data. The script uses the deprecated and insecure tempfile.mktemp() function to create temporary storage for JSON results, which is vulnerable to race conditions.
- [DATA_EXFILTRATION]: Accesses the REDFOX_API_KEY environment variable for authentication with the vendor's API. This is the standard and recommended practice for secret management in this environment.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it ingests untrusted external content.
  - Ingestion points: Hot search titles and URLs are fetched from external social platforms via the redfox.hk API in fetch_hotspot.py.
  - Boundary markers: Data is displayed within Markdown tables as defined in references/output-templates.md, but there are no explicit instructions for the agent to ignore or isolate instructions contained within the trend titles.
  - Capability inventory: The skill performs API requests and writes results to temporary local files; no high-risk capabilities like arbitrary shell execution or unsafe code evaluation were found.
  - Sanitization: The script performs formatting on heat counts but does not sanitize the content of trend titles before they enter the agent's context.
Audit Metadata