batch-scrape
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local Python scripts within the repository's plugin directories to perform scraping, index management, and validation tasks. These scripts are run via the Bash tool using environment variable prefixes for development mode.
- [EXTERNAL_DOWNLOADS]: Fetches documentation content from external domains including cursor.com, anthropic.com, and geminicli.com. These sources are associated with the ecosystems supported by the skill.
- [PROMPT_INJECTION]: The skill ingests untrusted data from external documentation sources, creating a surface for indirect prompt injection attacks.
- Ingestion points: External documentation URLs and LLMS.txt files specified in the ecosystem routing table and script arguments within SKILL.md.
- Boundary markers: The instructions mandate multiple manual verification steps, including content diff analysis and structural filtering analysis, to identify anomalies before committing changes.
- Capability inventory: The agent has access to the Bash tool for script execution and the melodic-software:git-commit skill for finalizing updates.
- Sanitization: Includes automated markdown linting via markdownlint-cli2 and manual audit checks for encoding artifacts and malformed content.
Audit Metadata