instagram-scraper
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's setup instructions utilize
python3 -cto extract configuration values from a JSON file using the Python standard library. - [DATA_EXFILTRATION]: The skill accesses
~/.gooseworks/credentials.jsonto retrieve API keys. This path is specific to the service's own configuration and is used for authenticating subsequent API requests. - [EXTERNAL_DOWNLOADS]: The documentation suggests the command
npx gooseworks login, which facilitates the download and execution of the gooseworks utility from the npm registry. - [PROMPT_INJECTION]: The skill processes untrusted content from Instagram profiles and posts, creating an attack surface for indirect prompt injection.
- Ingestion points: Instagram profile bios and post captions retrieved via shell-based API calls in SKILL.md.
- Boundary markers: No explicit markers or delimiters are defined to separate the scraped data from agent instructions.
- Capability inventory: The skill has access to shell execution via
curlandpython3for its core functionality. - Sanitization: No sanitization or validation of the external Instagram data is described before it enters the agent's context.
Audit Metadata