skills/mukul975/anthropic-cybersecurity-skills/analyzing-malicious-url-with-urlscan/Gen Agent Trust Hub
analyzing-malicious-url-with-urlscan
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill utilizes the requests library to communicate with official API endpoints for URLScan.io and VirusTotal. These network operations are standard for the skill's intended purpose of security triage and interact with well-known, trusted industry services.
- [SAFE]: Sensitive data handling is implemented using security best practices, such as accepting API keys through environment variables or command-line arguments rather than hardcoding them in the scripts.
- [SAFE]: The skill exhibits an indirect prompt injection surface as it processes external content fetched from the internet (e.g., page titles and DOM snapshots). 1. Ingestion points: JSON responses from the URLScan.io API containing page metadata. 2. Boundary markers: Absent. 3. Capability inventory: Network access via the requests library and local file writing for reporting. 4. Sanitization: Absent, as the tool is intended to provide raw analysis data to the user. This is an inherent property of the tool's function and does not constitute a malicious pattern.
- [SAFE]: No persistence mechanisms, privilege escalation attempts, or obfuscated code patterns were found. The skill's behavior is consistent with its documentation.
Audit Metadata