Skills
skills/gooseworks-ai/goose-skills/review-site-scraper/Gen Agent Trust Hub

review-site-scraper

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted data from public review platforms.
  • Ingestion points: scripts/scrape_reviews.py fetches review text from external platforms via the Apify API.
  • Boundary markers: No delimiters or "ignore instructions" warnings are used when providing the scraped content to the agent.
  • Capability inventory: The script performs network operations using urllib. An agent using this skill might have broader capabilities (e.g., file system access or command execution) that could be targeted by instructions embedded in reviews.
  • Sanitization: The skill does not sanitize or filter the content of the reviews before returning them to the agent.
  • [DATA_EXFILTRATION]: The skill performs network operations to external APIs.
  • The script communicates with api.gooseworks.ai (vendor infrastructure) and api.apify.com (well-known service) to perform its scraping tasks.
  • API tokens used for authentication are passed within the URL query string of these requests.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 10:48 AM