scraper
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface. Ingestion point: The agent navigates to and explores target websites via Playwright (SKILL.md, Step 4). Boundary markers: No delimiters are specified when the agent analyzes page content. Capability inventory: The agent can write files (Write tool) and execute scripts (Bash tool). Sanitization: No content filtering is mentioned. A malicious site could attempt to influence script generation through hidden instructions.
- [EXTERNAL_DOWNLOADS]: The skill initiates downloads of Playwright and Patchright from official package registries. These are well-known libraries for browser automation and stealth. Evidence: references/NODE_TEMPLATES.md, references/PYTHON_TEMPLATES.md.
- [COMMAND_EXECUTION]: The skill uses the Bash tool to install dependencies, initialize directories, and run scraper scripts. These operations are limited to the user's project environment. Evidence: SKILL.md, scripts/init_project.py.
Audit Metadata