instagram-marketing
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the execution of
scripts/extract_product.pyto extract product metadata from provided URLs. - [EXTERNAL_DOWNLOADS]: The extraction script uses the
requestslibrary to perform network GET requests to user-provided external e-commerce domains. - [PROMPT_INJECTION]: The skill has a risk of indirect prompt injection as it ingests and processes text from third-party websites without proper sanitization.
- Ingestion points: Product descriptions, names, and features are fetched from external URLs via
scripts/extract_product.py. - Boundary markers: The skill does not implement delimiters or explicit 'ignore embedded instructions' warnings for the data extracted from the web.
- Capability inventory: The agent can run local scripts and generate content based on the output of those scripts.
- Sanitization: The Python script truncates text length but does not filter for potential prompt injection strings or malicious instructions embedded in the HTML content.
Audit Metadata