Skills
skills/vibeeval/vibecosystem/harvest-single/Gen Agent Trust Hub

harvest-single

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute system commands for content fetching and processing.
  • Evidence: The fallback chain described in SKILL.md involves executing curl + html2text via the Bash tool to extract data from URLs.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the public internet.
  • Ingestion points: Web content is ingested from user-supplied URLs via WebFetch, crawl4ai (local Docker service on port 11235), or curl as detailed in the skill's fetch logic.
  • Boundary markers: There are no explicit delimiters or instructions defined to prevent the agent from following directions embedded within the scraped content.
  • Capability inventory: The skill has access to Bash, Read, Write, and WebFetch tools, allowing for file system and network operations.
  • Sanitization: No sanitization or filtering of the fetched HTML or Markdown is mentioned before the content is introduced to the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 07:46 AM
Security Audit — agent-trust-hub — harvest-single