crawl-xueqiu-timeline
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell scripts and subprocess calls to manage its environment.\n
scripts/check-cdp.shmanages Chrome processes and starts Chromium with remote debugging.\nscripts/check-agent-browser.shexecutes system commands to install Node.js and global NPM packages.\nscripts/crawl_xueqiu_timeline_api.pyusessubprocess.runto execute theagent-browserCLI tool.\n- [EXTERNAL_DOWNLOADS]: The skill downloads and installs software during setup.\nscripts/check-agent-browser.shinstallsnode@22via Homebrew.\nscripts/check-agent-browser.shfetches and installs theagent-browserpackage globally from the well-known mirrorhttps://registry.npmmirror.com.\n- [REMOTE_CODE_EXECUTION]: The skill performs dynamic code execution within a browser context.\nscripts/crawl_xueqiu_timeline_api.pyutilizesagent-browser evalto run dynamically constructed JavaScript snippets in the browser to interact with Xueqiu's API. Theuser_idvariable is validated via regular expressions before being interpolated into the script.\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it ingests untrusted data that could be analyzed by an AI agent later.\n- Ingestion points: Xueqiu User Timeline API (
xueqiu.com/v4/statuses/user_timeline.json) via theget_api_data_in_browserfunction inscripts/crawl_xueqiu_timeline_api.py.\n - Boundary markers: No specific delimiters or safety instructions are used when saving the crawled content to Markdown files.\n
- Capability inventory: The skill can perform file system writes and execute network-connected browser automation commands.\n
- Sanitization: The
clean_htmlfunction removes HTML tags but does not filter for malicious linguistic patterns or instructions in the text content.
Audit Metadata