Skills
skills/involvex/aetheris/web-scraper/Gen Agent Trust Hub

web-scraper

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the bash tool to execute curl, jq, and python3 for data retrieval and transformation.
  • Evidence: SKILL.md defines "Strategy C" which uses shell commands for API requests and XML parsing.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes untrusted web data using high-capability tools.
  • Ingestion points: Untrusted content enters the agent's context through WebFetch, browser navigation, and page reading tools.
  • Boundary markers: Absent. The skill does not implement delimiters or explicit "ignore embedded instructions" warnings for the content being scraped.
  • Capability inventory: The skill has access to bash (shell), javascript_tool (JS execution), and computer (browser automation) while processing scraped data.
  • Sanitization: No sanitization or validation of the fetched HTML/text content is performed before it is passed to the extraction prompts.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 04:43 PM