conference-speaker-scraper
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Includes a Python script (
scripts/scrape_speakers.py) that performs scraping logic via command-line arguments. - [SAFE]: Utilizes environment variables for API tokens, following secure development practices for credential management.
- [SAFE]: Communicates with the vendor's API and Apify (a well-known service), which is considered safe behavior for this skill's use case.
- [PROMPT_INJECTION]: Identifies an indirect prompt injection surface as the script ingests and parses untrusted external web content.
- Ingestion points: Conference URLs processed by
requests.getinscripts/scrape_speakers.py. - Boundary markers: No specific delimiters used for the scraped text in output.
- Capability inventory: Performs network requests and writes results to stdout/files.
- Sanitization: Implements basic HTML tag removal and character limits on biography text.
Audit Metadata