qqbot-channel
Pass
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection through external data processed from the QQ Open Platform API.
- Ingestion points: The skill ingests untrusted data from the API, including guild names, channel descriptions, member nicknames, and forum thread content as documented in
SKILL.mdandreferences/api_references.md. - Boundary markers: There are no boundary markers or delimiters defined in the instructions to help the agent differentiate between data retrieved from the API and the agent's core instructions.
- Capability inventory: The skill is equipped with high-impact capabilities, such as the ability to delete subchannels, delete all announcements, and publish forum posts via the
qqbot_channel_apitool. - Sanitization: No sanitization, validation, or escaping of the content retrieved from the external API is specified before the agent processes or displays the data.
Audit Metadata