review-site-scraper

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or behaviors were identified during the analysis. The skill's functionality is consistent with its stated purpose of scraping product reviews and it only uses standard libraries.
  • [EXTERNAL_DOWNLOADS]: The script performs network requests to api.apify.com and api.gooseworks.ai (a vendor-managed proxy) to fetch review data. These are legitimate endpoints for the skill's intended operation. The API token is passed as a query parameter in the URL.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted text from external websites.
  • Ingestion points: scripts/scrape_reviews.py (via Apify dataset items)
  • Boundary markers: Absent
  • Capability inventory: Network operations via urllib.request in scripts/scrape_reviews.py (no file-write or command execution capabilities)
  • Sanitization: Absent
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — review-site-scraper