Skills
skills/creativault/skills/creator-scraper-cv/Gen Agent Trust Hub

creator-scraper-cv

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or significant security risks were identified. The skill's behavior is consistent with its stated purpose of social media data collection.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to api.creativault.vip to fetch creator data and check task statuses. This is essential for the skill's functionality.
  • [COMMAND_EXECUTION]: Uses local Node.js scripts to interface with the API and manage data export operations.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external social media profiles via the vendor API, which represents an indirect prompt injection attack surface.
  • Ingestion points: Data returned by scripts/search_creators.mjs and scripts/get_task_data.mjs.
  • Boundary markers: None identified in the scripts; the agent relies on its own processing context.
  • Capability inventory: Subprocess execution for scripts, network access via fetch, and file writing via export_to_csv.mjs.
  • Sanitization: scripts/export_to_csv.mjs provides basic CSV escaping to sanitize data exported to files.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 09:48 AM