Skills
skills/gooseworks-ai/goose-skills/product-hunt-scraper/Gen Agent Trust Hub

product-hunt-scraper

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to api.apify.com or api.gooseworks.ai to run the maximedupre/product-hunt-scraper actor and retrieve its results. These external communications are essential to the skill's primary functionality and use well-known or author-controlled infrastructure.
  • [PROMPT_INJECTION]: The skill ingests untrusted product names, taglines, and descriptions from Product Hunt. This data could potentially contain malicious instructions intended to manipulate an AI agent (Indirect Prompt Injection).
  • Ingestion points: Scraped content enters the agent context through the scripts/scrape_producthunt.py script via Apify dataset items.
  • Boundary markers: Absent; data is printed directly in JSON or formatted tables without specific delimiters to isolate external content.
  • Capability inventory: The skill can perform network operations and provides formatted data to the agent context.
  • Sanitization: No sanitization is performed on the scraped content beyond string conversion.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:48 AM