scrapling
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill initiates downloads of external browser binaries (Playwright Chromium) via the
scrapling installcommand and depends on third-party Python packages likescraplingandcairosvgfrom public registries. - [COMMAND_EXECUTION]: The skill includes CLI utilities and scripts (
scrapling_scrape.py) that execute system commands for web extraction and allow arbitrary JavaScript execution within the browser context through theexecute_jsparameter. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the web which could contain hidden instructions targeting the LLM.
- Ingestion points: Data fetched from URLs via
Fetcher,DynamicFetcher,StealthyFetcher, andSpiderclasses. - Boundary markers: None identified; the skill returns raw or filtered page content without explicit delimiters or safety warnings for the agent.
- Capability inventory: Network access for web crawling, local file system writes for data extraction and checkpoints, and browser-level JavaScript execution.
- Sanitization: No documented sanitization or filtering of external content to prevent instructional override before the data is passed to the agent context.
Audit Metadata