audit-website-pro
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by design.
- Ingestion points: The skill ingests untrusted content from external websites (such as page titles, meta descriptions, and link anchor text) via the API responses from
api.402claw.comas described inSKILL.md. - Boundary markers: The instructions lack explicit delimiters or 'ignore' directives to separate untrusted web content from the agent's logic, which could allow malicious content on a target site to influence the agent's summary.
- Capability inventory: The skill possesses the capability to perform network operations to the vendor's API.
- Sanitization: No sanitization or validation logic is defined in the instructions to filter potentially malicious strings returned by the API.
- [DATA_EXFILTRATION]: The skill transmits user-provided URLs to an external service (
api.402claw.com). While this is the primary purpose of the 'audit' functionality, it constitutes a data flow where target URLs are shared with the service provider '402claw'.
Audit Metadata