review-site-scraper
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or behaviors were identified during the analysis. The skill's functionality is consistent with its stated purpose of scraping product reviews and it only uses standard libraries.
- [EXTERNAL_DOWNLOADS]: The script performs network requests to
api.apify.comandapi.gooseworks.ai(a vendor-managed proxy) to fetch review data. These are legitimate endpoints for the skill's intended operation. The API token is passed as a query parameter in the URL. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted text from external websites.
- Ingestion points:
scripts/scrape_reviews.py(via Apify dataset items) - Boundary markers: Absent
- Capability inventory: Network operations via
urllib.requestinscripts/scrape_reviews.py(no file-write or command execution capabilities) - Sanitization: Absent
Audit Metadata