lunarcrush

Pass

Audited by Gen Agent Trust Hub on May 25, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted data from external sources that could contain malicious instructions.
  • Ingestion points: Functions like get_topic_posts, get_topic_news, and search_content in tools/topics.py fetch data from the LunarCrush API.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to ignore embedded commands within the fetched social media posts or news titles.
  • Capability inventory: The skill's primary capability is performing GET requests to the LunarCrush API. It does not possess file-write or shell execution capabilities that would allow an injection to perform dangerous actions on the host.
  • Sanitization: External content such as social media post bodies and news headlines are returned to the agent without any filtering or sanitization, creating a surface for indirect prompt injection.
Audit Metadata
Risk Level
SAFE
Analyzed
May 25, 2026, 12:37 PM
Security Audit — agent-trust-hub — lunarcrush