crawler

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection attacks because it ingests untrusted data from the web.
  • Ingestion points: External data enters the agent context through main.py in the fetch_web_content and crawl_website tools, which fetch arbitrary URL content.
  • Boundary markers: The skill does not implement delimiters or explicit instructions to the model to ignore potential commands embedded within the retrieved web content.
  • Capability inventory: The skill uses outbound network access via the httpx library and reports status through standard error streams.
  • Sanitization: No sanitization, escaping, or filtering is applied to the markdown content fetched from remote URLs before it is passed to the AI agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 02:06 AM