comment-mining
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is designed to process untrusted user-generated content from third-party social media platforms, which constitutes a surface for indirect prompt injection. If malicious instructions are embedded in the comments being mined, they could potentially influence the agent's behavior.
- Ingestion points: Comments and replies fetched via specified endpoints for TikTok, YouTube, Instagram, Facebook, Reddit, and Rumble.
- Boundary markers: The instructions do not define clear delimiters or specific warnings to the agent to ignore or isolate instructions contained within the scraped content.
- Capability inventory: The skill is configured with
Bash,WebFetch,Read, andWritecapabilities, increasing the potential impact of a successful injection. - Sanitization: No explicit prompt-level sanitization or escaping of external content is implemented; the 'clean lightly' step focuses on spam and duplicate removal rather than security filtering.
Audit Metadata