news-sentiment-engine
Warn
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructions direct the user to clone an external source code repository from https://github.com/tellmefrankie/news-engine.
- [COMMAND_EXECUTION]: The setup instructions include running pnpm install and pnpm dev, which executes third-party code and installs potentially unverified dependencies from the external repository.
- [PROMPT_INJECTION]: The skill processes untrusted data from multiple RSS feeds, which presents a surface for indirect prompt injection attacks.
  - Ingestion points: News content is ingested from external RSS feeds (TechCrunch, The Verge, Ars Technica, Hacker News).
  - Boundary markers: The instructions do not define delimiters or warnings to prevent the agent from following instructions embedded in the news content.
  - Capability inventory: The skill uses the claude and websearch tools to analyze and summarize the ingested data.
  - Sanitization: There are no evident sanitization steps for the external content.