web-scraping
Warn
Audited by Snyk on Jul 2, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.95). The skill’s runtime workflow can fetch arbitrary public web pages/URLs (e.g., via Scrapegraph/Olostep/Notte endpoints like
/v1/scrape,/v1/markdownify,/v1/crawl,/sessions/.../page/scrape), and the fetched page text is then ingested into the LLM for extraction/answering—an outsider-authored free-text source.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime calls to the Gooseworks proxy API (default https://api.gooseworks.ai via $GOOSEWORKS_API_BASE/v1/proxy/orthogonal/run), which is a required external service that can start autonomous Notte agents and perform server-side browser/scraping actions—i.e., it executes remote code and controls agent behavior.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata