crawl4ai

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements legitimate web scraping and data extraction functionality using the Crawl4AI library. The scripts provided are transparent and align with the library's intended use cases.
  • [SAFE]: No hardcoded credentials or sensitive tokens were found. The skill correctly uses placeholders like 'your-token' and 'your-api-token' in configuration examples for LLM-based extraction.
  • [SAFE]: The shell command execution identified in tests/run_all_tests.py is used exclusively for running local test scripts from a predefined list. This is a standard practice for test runners and does not involve untrusted input.
  • [SAFE]: Network operations are confined to web crawling as described in the skill's purpose. There is no evidence of unauthorized data exfiltration or attempts to access sensitive local system files like SSH keys or cloud credentials.
  • [SAFE]: The skill contains no obfuscated code, hidden instructions, or prompt injections aimed at overriding agent behavior or bypassing safety filters.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 02:12 AM
Security Audit — agent-trust-hub — crawl4ai