beautifulsoup-parsing

Audit result: Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • Prompt Injection (SAFE): The skill contains no instructions designed to override agent behavior, bypass safety filters, or extract system prompts. It remains strictly focused on its educational purpose.
  • Data Exposure & Exfiltration (SAFE): The code snippets demonstrate standard file reading and network requests via the requests library. No hardcoded credentials, sensitive file paths (such as SSH keys), or suspicious data exfiltration patterns were found.
  • Obfuscation (SAFE): All content is provided in clear text. There are no instances of Base64 encoding, zero-width characters, or homoglyph-based evasion techniques.
  • Unverifiable Dependencies & Remote Code Execution (SAFE): The skill references standard, highly-trusted Python packages (beautifulsoup4, lxml, requests). It does not attempt to execute remote scripts via piped commands or perform unsafe dynamic code execution.
  • Privilege Escalation (SAFE): The skill does not use sudo, modify system permissions, or attempt to escalate user privileges.
  • Persistence Mechanisms (SAFE): There are no attempts to modify shell profiles, cron jobs, or startup services to maintain access across sessions.
  • Metadata Poisoning (SAFE): The metadata fields (name, description) accurately describe the skill's content and do not contain deceptive instructions.
  • Indirect Prompt Injection (SAFE): While the skill demonstrates how to ingest data from external URLs, it provides methods for structured data extraction and does not interpolate untrusted content into an LLM instruction stream. Evidence chain: (1) ingestion via requests.get; (2) boundary markers not applicable to code snippets; (3) capability inventory limited to standard web scraping; (4) sanitization via get_text and float conversion, so the extracted value is a parsed number rather than free page text.
  • Time-Delayed / Conditional Attacks (SAFE): No logic was found that gates operations based on dates, times, or specific environment triggers.
  • Dynamic Execution (SAFE): The skill does not use eval(), exec(), or unsafe deserialization (like pickle). Code generation is limited to static, educational templates.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:22 PM