creator-buddy

Pass

Audited by Gen Agent Trust Hub on Jul 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses spawnSync in the agentReach.js utility to execute local CLI tools such as agent-reach, opencli, mcporter, xhs-cli, and bili-cli for cross-platform data retrieval.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to several external API providers including redfox.hk, onetotenvip.com, guaikei.com, and Bilibili's public API endpoints to fetch trending data. Notably, the Python scripts fetch_gzh_trends.py and daily_sector_trends.py explicitly disable SSL certificate verification (ssl.CERT_NONE) when communicating with onetotenvip.com, which exposes data transmission to man-in-the-middle attacks.
  • [PROMPT_INJECTION]: The skill functions as an orchestrator that ingests untrusted data from social media platforms (titles, summaries, and comments). This data is processed and displayed to the agent without strict boundary delimiters or security instructions, creating a surface for indirect prompt injection where malicious content from search results could influence agent behavior.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 3, 2026, 09:42 AM
Security Audit — agent-trust-hub — creator-buddy