site-content-catalog
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a Python script
scripts/catalog_content.pyto orchestrate the website discovery and classification process. - [EXTERNAL_DOWNLOADS]: The script fetches content directly from user-provided domains to extract sitemaps, RSS feeds, and HTML page data.
- [EXTERNAL_DOWNLOADS]: The script communicates with external endpoints at
api.apify.comand the vendor's own infrastructure atapi.gooseworks.aito utilize sitemap extraction services. - [PROMPT_INJECTION]: The skill processes untrusted metadata (such as page titles and author names) from external websites, which presents a surface for indirect prompt injection.
- Ingestion points: Data is ingested from remote URLs within
scripts/catalog_content.pyusing therequestslibrary. - Boundary markers: The generated JSON and Markdown outputs do not use specific boundary markers to isolate data extracted from external sources.
- Capability inventory: The script's capabilities are restricted to performing network requests and writing output to files or stdout.
- Sanitization: While the script includes logic for title generation from URL slugs, it uses data from XML and RSS tags without additional sanitization.
Audit Metadata