Skills
skills/nowork-studio/toprank/broken-link-checker/Gen Agent Trust Hub

broken-link-checker

Pass

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection surface. The skill crawls external websites and parses their HTML content to find links. If an attacker controls a crawled website, they could embed malicious instructions (e.g., hidden in text or metadata) designed to influence the agent's behavior when it analyzes the resulting scan report.
  • Ingestion points: The checker.py script reads and decodes HTML content from external URLs provided via $TARGET_URL (e.g., html = response.read().decode('utf-8')).
  • Boundary markers: The skill lacks explicit boundary markers or 'ignore' instructions for the agent when it processes the resulting scan report in Step 3 of SKILL.md.
  • Capability inventory: The agent has the capability to execute shell commands (python3 seo/broken-link-checker/scripts/checker.py) and perform network requests (via the script).
  • Sanitization: The script performs no sanitization or filtering of the content it extracts; it passes data from the website directly into the report for the agent's analysis.
  • [COMMAND_EXECUTION]: The skill executes a Python script using the shell. While the input $TARGET_URL is intended to be a URL, it is interpolated directly into a bash command line (--url "$TARGET_URL"). While the agent typically provides the URL, if the URL itself contains shell metacharacters, it could potentially lead to command injection, though the use of double quotes provides some mitigation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 1, 2026, 06:13 PM