scraping
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- COMMAND_EXECUTION (MEDIUM): The skill frequently uses
nu -cto execute shell commands, includingplugin add query webwhich installs external code into the shell environment. - EXTERNAL_DOWNLOADS (MEDIUM): The prerequisites section requires the installation of the
query webplugin from an external source at runtime. - DATA_EXFILTRATION (LOW): The skill demonstrates the use of authentication headers (Bearer tokens, API keys) and
http postrequests. While necessary for its purpose, these capabilities could be used to send sensitive information to external domains. - INDIRECT PROMPT INJECTION (LOW): This skill has a significant attack surface for indirect prompt injection (Category 8).
- Ingestion points: Untrusted data enters via
http get,navigate-browser, andquery-html-elements. - Boundary markers: None present; external content is processed directly.
- Capability inventory: High-risk capabilities include
evaluate-javascript,http post, andclick-element. - Sanitization: No evidence of sanitization or escaping of scraped content before potential interpolation into LLM prompts.
Audit Metadata