rss-aggregator
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches RSS feed data from several external domains listed in the references/feeds.opml file. These domains include established technology blogs and well-known personal websites.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external sources, which creates a surface for indirect prompt injection.
  - Ingestion points: Content is fetched from external RSS feed URLs in scripts/aggregate.py using the feedparser library.
  - Boundary markers: No explicit boundary markers or instructions to ignore embedded commands are present in the output provided to the agent.
  - Capability inventory: The skill is limited to reading feeds and printing summaries; it does not contain capabilities for system modification or sensitive file access.
  - Sanitization: The clean_summary function in scripts/aggregate.py strips HTML tags and normalizes text, providing basic protection against code injection but not against natural language instructions.
Audit Metadata