scrapling
Pass
Audited by Gen Agent Trust Hub on Jul 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
scraplingpackage and its dependency profiles (parser, fetchers, shell, ai, all) from the Python Package Index (PyPI), which is a well-known and trusted package registry. - [COMMAND_EXECUTION]: The skill utilizes local bash scripts (
scripts/install.sh,scripts/run-extract.sh,scripts/run-mcp.sh) to manage the setup and operation of the scraping tools. These scripts serve as wrappers for thescraplingCLI and do not perform unauthorized or hidden actions. - [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection because it is designed to fetch and process arbitrary data from external websites. * Ingestion points: Untrusted data enters the agent context through the
Fetcherclasses, thescrapling extractcommand, and the MCP server tools. * Boundary markers: There are no explicit delimiters or instructions to the agent to ignore embedded commands within the fetched content. * Capability inventory: The skill utilizes theBash,Write,Read, andWebFetchtools, providing a high-capability environment for acting on processed data. * Sanitization: The skill converts content to formats like Markdown or HTML but does not explicitly perform security-focused sanitization of potential injection vectors.
Audit Metadata