haizei-worldcup-2026-skill
Pass
Audited by Gen Agent Trust Hub on Jun 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches real-time sports data from Baidu Sports (tiyu.baidu.com) to provide information on matches, teams, and players.
- Evidence: Found in multiple scripts including
worldcup-match.js,worldcup-player.js, andworldcup-schedule.jsusing HTTPS requests to the well-known service domain. - [COMMAND_EXECUTION]: The skill uses local Node.js scripts to perform data retrieval and processing tasks. These scripts are invoked with specific commands to handle different data categories.
- Evidence: Found in
SKILL.mdand thescripts/directory, implementing standard command-line argument processing. - [DATA_EXPOSURE_AND_EXFILTRATION]: Analysis confirms that no sensitive local files or credentials are accessed. The network operations are strictly limited to fetching public data from the target sports domain.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from external web pages. It utilizes structured parsing techniques, such as specific regex patterns and JSON extraction, to isolate data fields before passing them to the agent, which mitigates the risk of ingesting malicious instructions.
- Ingestion points:
https://tiyu.baidu.com/(various endpoints). - Boundary markers: Data is structured into JSON before delivery to the agent.
- Capability inventory: Data reading via
https.request. No file-writing or code-execution capabilities are present for processed data. - Sanitization: Parameters are sanitized using
encodeURIComponentand specific structural parsing to extract only relevant data blocks.
Audit Metadata