web-scraping
Pass
Audited by Gen Agent Trust Hub on Feb 23, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external web pages, creating a potential surface for indirect prompt injection attacks where malicious web content could influence agent behavior.
- Ingestion points: Data enters the agent context through the
mcp__scraper__scrape_url,mcp__scraper__scrape_url_html,mcp__scraper__scrape_url_text, andmcp__scraper__scrape_extract_linkstools described inSKILL.md. - Boundary markers: No explicit delimiters or 'ignore embedded instructions' warnings are mentioned in the tool documentation to isolate retrieved content.
- Capability inventory: The tools provide network read capabilities to fetch content from user-provided URLs.
- Sanitization: While the text extraction tool offers basic HTML tag stripping for formatting purposes, it does not implement security-focused sanitization or validation of the retrieved content.
Audit Metadata