scrape
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill uses environment variables for sensitive data (BRIGHTDATA_API_KEY, BRIGHTDATA_UNLOCKER_ZONE), which is the recommended approach for credential management.\n- [SAFE]: The shell script uses jq's argument passing mechanism (--arg url) to safely construct JSON payloads, effectively preventing command injection from user-provided URLs.\n- [SAFE]: Network activity is restricted to the legitimate Bright Data API endpoint at api.brightdata.com.\n- [SAFE]: The script relies on curl and jq; while jq is missing from the explicit dependency list in SKILL.md, its usage is standard and safe within the script.\n- [PROMPT_INJECTION]: The skill processes untrusted content from external websites, which creates a surface for indirect prompt injection.\n
- Ingestion points: Scraped content from user-provided URLs in scripts/scrape.sh.\n
- Boundary markers: No specific delimiters or safety instructions are included in the markdown output to isolate the untrusted content.\n
- Capability inventory: The skill can perform network requests via curl and execute shell scripts, though its scope is limited to the scraper script.\n
- Sanitization: Web content is returned directly from the API without sanitization or filtering.
Audit Metadata