Skills
skills/browser-act/skills/amazon-product-api-skill/Gen Agent Trust Hub

amazon-product-api-skill

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill connects to api.browser-act.com to execute web scraping tasks and poll for results using the requests library.
  • [PROMPT_INJECTION]:
  • Ingestion points: Product information including titles, brand names, and specifications are fetched from Amazon results via the BrowserAct API in scripts/amazon_product_api.py.
  • Boundary markers: The skill body and instructions do not employ delimiters or specific instruction-ignoring warnings to wrap the data retrieved from external web pages.
  • Capability inventory: The Python script has network access via the requests library to communicate with the vendor API and outputs data to the agent's context.
  • Sanitization: The script performs no filtering or sanitization of the product data received from the API, creating a surface for potential indirect prompt injection from malicious product listings.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 07:59 AM