scrape-explore-site

Pass

Audited by Gen Agent Trust Hub on Jun 26, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses download.py to fetch web pages from arbitrary URLs specified by the user. It supports both raw HTTP requests and browser-based rendering using Scrapy and Playwright.
  • [COMMAND_EXECUTION]: Multiple Python scripts provided with the skill (download.py, extract_links.py, apply_classification.py, extract_nav_values.py, and extract_values.py) are executed via uv run to perform link extraction, classification, and data processing tasks.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because the agent is instructed to analyze and classify link groups extracted from external, untrusted websites. Maliciously crafted HTML content could attempt to influence the agent's classification decisions or discovery logic.
  • [CREDENTIALS_UNSAFE]: The download.py script attempts to retrieve a ZYTE_API_KEY from environment variables to enable advanced scraping features through the Zyte API service. This follows standard and safe practices for managing service credentials.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 26, 2026, 03:33 PM
Security Audit — agent-trust-hub — scrape-explore-site