outscraper
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user to install the official Membrane CLI tool (
@membranehq/cli) from the public npm registry. This is a standard requirement for the platform and originates from the skill's vendor. - [COMMAND_EXECUTION]: The skill documentation provides examples of using the
membraneCLI to execute actions and make network requests. These commands are the intended method for interacting with the Outscraper API through the Membrane platform. - [PROMPT_INJECTION]: The skill facilitates the scraping and processing of data from numerous external sources (Google Search, Maps, social media, etc.). This content is untrusted and represents an indirect prompt injection surface where malicious instructions embedded in scraped websites could influence the agent's behavior.
- Ingestion points: Data returned from Outscraper API endpoints (SERP results, reviews, profile details, etc.).
- Boundary markers: None explicitly defined in the skill documentation.
- Capability inventory: Subprocess execution via the
membraneCLI, including network requests (membrane request) and action execution (membrane action run). - Sanitization: The skill does not specify sanitization methods; users should implement their own validation when processing scraped content.
Audit Metadata