scrape-webpage
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill documentation and scripts specify the installation of well-known and reputable Node.js libraries, specifically Playwright and Sharp, from standard registries to support browser automation and image conversion tasks.
- [PROMPT_INJECTION]: The skill processes untrusted content from external webpages, creating a surface for potential indirect prompt injection. This risk is addressed through several design features: 1. Ingestion points: External webpage content is fetched via Playwright in 'scripts/analyze-webpage.js'. 2. Boundary markers: 'SKILL.md' contains a dedicated 'External Content Safety' section instructing the agent to treat all fetched content as untrusted and to never follow instructions embedded within it. 3. Capability inventory: The skill has the capability to write files, create directories, and perform network operations. 4. Sanitization: The 'extractCleanedHTML' function in 'scripts/analyze-webpage.js' removes all script, style, and noscript tags and strips HTML attributes down to a safe whitelist (src, href, alt, title, class, id).
Audit Metadata