story-long-scan

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The file scripts/cdp-utils.js utilizes Node.js child_process.execSync to invoke the agent-browser CLI tool for browser automation tasks.
  • [EXTERNAL_DOWNLOADS]: Multiple scraper scripts (e.g., scripts/qidian-rank-scraper.js, scripts/fanqie-rank-scraper.js) perform network operations to retrieve content from external domains including qidian.com, fanqienovel.com, qimao.com, jjwxc.net, and ciweimao.com.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted content from external novel platforms (Category 8).
    • Ingestion points: Data extracted from ranking and book detail pages on multiple external websites.
    • Boundary markers: None identified in the analysis; the skill relies on the agent's interpretation of the scraped data.
    • Capability inventory: The skill has file system access (fs.writeFileSync) and shell command execution (agent-browser).
    • Sanitization: No specific content validation or escaping mechanisms were found in the scraping logic.
Audit Metadata
Risk Level: SAFE
Analyzed: May 20, 2026, 08:49 AM
Security Audit — agent-trust-hub — story-long-scan