review-intelligence-digest
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a subprocess command to execute a local Python script (
scrape_reviews.py) for review collection as part of its primary functionality. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting untrusted review text from external websites into the agent context for analysis.
- Ingestion points: Public review data from G2, Capterra, and Trustpilot (SKILL.md).
- Boundary markers: Absent; reviews are interpolated into the prompt without explicit delimiters or instructions to ignore embedded commands.
- Capability inventory: Writes analysis results to local markdown files (SKILL.md).
- Sanitization: No sanitization of the scraped review content is performed before processing.
Audit Metadata