seedhub
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The script initiates network connections to
seedhub.ccandpan.quark.cn. These are third-party domains required for the scraper's primary function but are not on the pre-approved whitelist. - INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted data from the web, which represents a surface for indirect prompt injection attacks against an AI agent. 1. Ingestion points: The
seedhub.pyscript fetches HTML content fromseedhub.ccusing thecloudscraperlibrary. 2. Boundary markers: Absent. The extracted data is returned to the agent without specific boundary markers or instructions to ignore embedded commands. 3. Capability inventory: The script is limited to network GET requests and console output; it does not possess file-writing, system-command execution, or code evaluation capabilities. 4. Sanitization: Theclean_descfunction performs basic cleaning of HTML entities and removes specific keywords, but does not provide robust protection against malicious instructions embedded in the movie descriptions.
Audit Metadata