web-scraping

Warn

Audited by Snyk on Jul 2, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). The skill’s runtime workflow can fetch arbitrary public web pages/URLs (e.g., via Scrapegraph/Olostep/Notte endpoints like /v1/scrape, /v1/markdownify, /v1/crawl, /sessions/.../page/scrape), and the fetched page text is then ingested into the LLM for extraction/answering—an outsider-authored free-text source.

MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).

  • Potentially malicious external URL detected (high risk: 0.90). The skill issues runtime calls to the Gooseworks proxy API (default https://api.gooseworks.ai via $GOOSEWORKS_API_BASE/v1/proxy/orthogonal/run), which is a required external service that can start autonomous Notte agents and perform server-side browser/scraping actions—i.e., it executes remote code and controls agent behavior.

Issues (2)

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

W012
MEDIUM

Unverifiable external dependency detected (runtime URL that controls agent).

Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 2, 2026, 06:18 AM
Issues
2
Security Audit — snyk — web-scraping