creator-buddy
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
spawnSyncin theagentReach.jsutility to execute local CLI tools such asagent-reach,opencli,mcporter,xhs-cli, andbili-clifor cross-platform data retrieval. - [EXTERNAL_DOWNLOADS]: The skill makes network requests to several external API providers including
redfox.hk,onetotenvip.com,guaikei.com, and Bilibili's public API endpoints to fetch trending data. Notably, the Python scriptsfetch_gzh_trends.pyanddaily_sector_trends.pyexplicitly disable SSL certificate verification (ssl.CERT_NONE) when communicating withonetotenvip.com, which exposes data transmission to man-in-the-middle attacks. - [PROMPT_INJECTION]: The skill functions as an orchestrator that ingests untrusted data from social media platforms (titles, summaries, and comments). This data is processed and displayed to the agent without strict boundary delimiters or security instructions, creating a surface for indirect prompt injection where malicious content from search results could influence agent behavior.
Audit Metadata