skills/zytedata/skills/scrape/Gen Agent Trust Hub

scrape

Pass

Audited by Gen Agent Trust Hub on Jul 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes the Bash tool to manage the development environment and execute scraping tasks. It runs the uv package manager, the Scrapy framework, and pytest for validating the generated extraction logic.
  • [EXTERNAL_DOWNLOADS]: Fetches data from user-provided target URLs to facilitate site analysis. It also references official documentation from trusted sources like Scrapy and Zyte.
  • [REMOTE_CODE_EXECUTION]: Dynamically generates Python code for page objects and spiders based on the analysis of external web content. This generated code is subsequently executed locally using uv run to perform data extraction and testing.
  • [PROMPT_INJECTION]: Exhibits an indirect prompt injection surface (Category 8) by processing untrusted external HTML to derive extraction schemas and generate code.
  • Ingestion points: External web content is downloaded and stored in the .scrape/ directory for analysis by sub-skills.
  • Boundary markers: There are no explicit instructions or delimiters defined in the orchestrator to prevent the AI from following malicious instructions potentially embedded in the scraped HTML.
  • Capability inventory: The skill has broad capabilities, including writing files to the local system and executing shell commands/Python code.
  • Sanitization: The skill lacks explicit sanitization or filtering of external data before using it as a template or input for code generation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 7, 2026, 04:54 PM
Security Audit — agent-trust-hub — scrape