community-signal-digest
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill uses search_external_content and commonroom_list_objects to fetch data from well-known community platforms. No unauthorized or suspicious network activity was detected.\n- [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection by ingesting untrusted content from external platforms for use in automated drafting.\n
- Ingestion points: Community posts and comments fetched via search tools and Common Room (SKILL.md Step 4, 5).\n
- Boundary markers: Not specified for the data processing or drafting instructions.\n
- Capability inventory: Capability to write to organizational intel records and generate drafts via dedicated writing skills.\n
- Sanitization: Content is utilized for sentiment analysis and summary without explicit sanitization steps mentioned.\n- [EXTERNAL_DOWNLOADS]: Uses WebFetch to enrich signals with author profile data and view counts from well-known platforms like Stack Overflow and DEV.to (SKILL.md Step 8). This behavior is consistent with the primary purpose of community monitoring.
Audit Metadata