article-extractor
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill suggests installing software from public registries, including the '@mozilla/readability-cli' package from a trusted organization and the well-known 'trafilatura' library.
- [COMMAND_EXECUTION]: The skill uses bash commands and Python to parse HTML and manage files. It correctly includes steps to sanitize filenames derived from external article titles.
- [DATA_EXFILTRATION]: The tool performs network requests to fetch content from URLs provided by the user. There is no indication that sensitive local data is being accessed or transmitted.
- [PROMPT_INJECTION]: The skill processes untrusted content from external URLs, which creates an indirect prompt injection surface. 1. Ingestion points: Content retrieved from URLs in SKILL.md. 2. Boundary markers: Absent. 3. Capability inventory: Bash, file writing, and network access. 4. Sanitization: Filenames are sanitized for special characters, but the text content is not filtered for embedded instructions.
Audit Metadata