review-intelligence-digest
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Python script 'skills/review-scraper/scripts/scrape_reviews.py' to perform the scraping task.
- [EXTERNAL_DOWNLOADS]: The skill fetches review data from external platforms including G2, Capterra, and Trustpilot using the Apify API service.
- [PROMPT_INJECTION]: The skill processes untrusted third-party content (user reviews) which presents an indirect prompt injection surface.
- Ingestion points: Review body text and titles from G2, Capterra, and Trustpilot ingested in Phase 2.
- Boundary markers: Absent; the skill does not explicitly define delimiters to isolate untrusted review data from analysis instructions.
- Capability inventory: Executes local scraping scripts and writes the final digest to the 'clients/' directory on the local file system.
- Sanitization: Not present; the skill treats the scraped text as verbatim customer language for analysis.
Audit Metadata