Skills
skills/phrazzld/claude-config/audit-website/Gen Agent Trust Hub

audit-website

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires downloading the squirrel CLI from the vendor's official website (squirrelscan.com) and includes commands for self-updates and additional skill installations.
  • [REMOTE_CODE_EXECUTION]: The tool includes self-update and skill installation features (squirrel self update, squirrel skills install) that download and execute code from the vendor's infrastructure.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute the squirrel binary to perform crawls, analysis, and report generation.
  • [PROMPT_INJECTION]: The skill presents an Indirect Prompt Injection surface.
  • Ingestion points: Content from external websites is ingested via squirrel audit and squirrel report commands (SKILL.md).
  • Boundary markers: No instructions are provided to the agent to distinguish between tool analysis and potentially malicious instructions embedded in the audited website content.
  • Capability inventory: The agent is granted Read, Edit, Grep, and Glob tools and is explicitly encouraged to automate code and content fixes based on the audit reports.
  • Sanitization: There is no evidence of sanitization for the data retrieved from external websites, creating a path for malicious instructions on those sites to influence the agent's local code modifications.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 27, 2026, 02:26 PM