ato-rate-scraping
Warn
Audited by Gen Agent Trust Hub on Feb 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONCREDENTIALS_UNSAFE
Full Analysis
- COMMAND_EXECUTION (MEDIUM): Employs
curlfor network requests. Shell command usage increases the attack surface for the agent. - EXTERNAL_DOWNLOADS (MEDIUM): Retrieves data from
r.jina.aiand Australian government websites. Content from these external sources is untrusted. - PROMPT_INJECTION (MEDIUM): Susceptible to indirect prompt injection via scraped web content.
- Ingestion points: ATO websites via Jina Reader defined in Rate Source Registry.
- Boundary markers: Absent.
- Capability inventory:
curl(network) andcache-manager.ts(file write). - Sanitization: Numeric range validation present, but natural language filtering is absent.
- CREDENTIALS_UNSAFE (LOW): References
$JINA_API_KEY. While not a hardcoded secret, it requires external credential handling and introduces a dependency on sensitive tokens.
Audit Metadata