scrape-codegen-analyze

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes clean_html.py and extract_metadata.py using uv run. These scripts are located in a sibling directory (../scrape-analyze-page/scripts/), which represents a modular architecture for tools from the same vendor.\n- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted HTML data, creating a potential surface for indirect prompt injection.\n
  • Ingestion points: Untrusted data enters via the file path provided in the page_html_path argument in SKILL.md.\n
  • Boundary markers: Absent. The instructions encourage the agent to inspect all HTML elements, scripts, and metadata without explicit isolation or instructions to ignore embedded commands.\n
  • Capability inventory: Uses Bash for command-line operations and Read/Write for file system access across all referenced scripts.\n
  • Sanitization: The skill employs a cleaning script (clean_html.py), but its primary function is structural preparation for analysis rather than security-focused sanitization.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 03:33 PM
Security Audit — agent-trust-hub — scrape-codegen-analyze