structured-extraction
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions include the use of bashExec with the jq utility to merge JSON data extracted from various sources. The provided example demonstrates a legitimate data processing task using local files.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process content from external websites, which exposes it to potential indirect prompt injection attacks where untrusted data could influence agent behavior. 1. Ingestion points: External websites via scrape and search tools. 2. Boundary markers: None provided to delimit untrusted content. 3. Capability inventory: Includes bashExec for shell commands and spawnAgents for worker management. 4. Sanitization: No explicit steps for sanitizing or validating scraped content are mentioned.
Audit Metadata