ai-web-scraping-scrapegraph

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads API credentials from ~/.gooseworks/credentials.json. This information is then used in Authorization headers for network requests to the vendor's API endpoint at api.gooseworks.ai.
  • [COMMAND_EXECUTION]: The setup instructions use python3 -c shell commands to extract data from the local JSON credentials file and curl to perform network operations.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by ingesting and processing untrusted data from arbitrary web pages.
    • Ingestion points: Web content is ingested through the website_url and url parameters in the SKILL.md file.
    • Boundary markers: The instructions lack delimiters or explicit safety warnings to prevent the agent from obeying malicious instructions potentially embedded in the scraped content.
    • Capability inventory: The skill has network access via curl and executes shell-based commands for setup.
    • Sanitization: No validation or sanitization of the content retrieved from external websites is performed before it is passed to the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 01:05 PM