Skills
skills/aaaaqwq/claude-code-skills/content-extract/Gen Agent Trust Hub

content-extract

Warn

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/content_extract.py utilizes subprocess.run to execute a script path determined at runtime via environment variables or directory traversal. This dynamic loading from computed paths constitutes a medium-level security risk.
  • [PROMPT_INJECTION]: The skill processes arbitrary external webpage content, creating a surface for indirect prompt injection.
  • Ingestion points: The url argument allows the ingestion of data from any web source.
  • Boundary markers: No specific delimiters or boundary instructions are used to isolate untrusted content.
  • Capability inventory: The skill can execute subprocesses and initiate network requests.
  • Sanitization: No sanitization is performed on the extracted Markdown before it is returned to the agent.
  • [EXTERNAL_DOWNLOADS]: The skill performs network operations to fetch data from remote servers and third-party APIs.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 9, 2026, 10:15 PM