Skills
skills/ryenlvy/skills/crawl/Gen Agent Trust Hub

crawl

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to https://api.inspiro.top to perform crawling and mapping operations.
  • [COMMAND_EXECUTION]: The provided scripts/crawl.sh executes several shell utilities including curl, jq, sed, mkdir, and base64. These are used to interact with the API, parse JSON data, and manage local files.
  • [PROMPT_INJECTION]: The skill identifies as having an indirect prompt injection surface because it ingests untrusted data from external websites that may be subsequently processed by an AI agent.
  • Ingestion points: Website content is retrieved from external URLs and processed in scripts/crawl.sh.
  • Boundary markers: No specific boundary markers or delimiters are added to the saved markdown files to differentiate between source content and instructions.
  • Capability inventory: The skill can perform network requests and write files to the local directory provided by the user.
  • Sanitization: The script performs filename sanitization using sed to prevent path traversal, but it does not sanitize the body of the retrieved web content.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 5, 2026, 09:48 AM