landing-page-intel
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill extracts content from untrusted external HTML, including hidden comments and metadata, creating a surface for Indirect Prompt Injection that could manipulate subsequent agent actions.
  - Ingestion points: The scripts/scrape_landing_page.py script fetches raw HTML from URLs provided by the user in SKILL.md.
  - Boundary markers: Extracted strings are included in the output report without delimiters or explicit instructions to the agent to treat them as untrusted data.
  - Capability inventory: The skill performs network requests and parsing to generate data consumed by the AI agent context.
  - Sanitization: No sanitization or filtering is performed on the extracted HTML content before inclusion in the output.
- [COMMAND_EXECUTION]: The skill executes a Python script that performs network operations on arbitrary URLs provided as command-line arguments. This capability can be leveraged for Server-Side Request Forgery (SSRF) to probe services on the local network or internal infrastructure if the execution environment is not strictly isolated.
Audit Metadata