doc-scraper
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches the 'uv' package manager installation script from Astral's official domain. Astral is a well-known service in the Python community.
- [REMOTE_CODE_EXECUTION]: The script uses piped execution commands ('curl | sh' and 'irm | iex') to install the 'uv' tool during the bootstrap process. This is the standard installation procedure for this well-known software.
- [COMMAND_EXECUTION]: Utilizes system commands to automate the installation of dependencies and the scraper package itself, facilitating a streamlined setup as documented.
- [PROMPT_INJECTION]: The skill processes external content from Snowflake's documentation which could theoretically contain malicious instructions.
- Ingestion points: Fetches HTML from 'docs.snowflake.com' in 'scripts/doc_scraper.py'.
- Boundary markers: No explicit delimiters are used for the scraped content within the generated Markdown files.
- Capability inventory: The script has file system write access ('scripts/doc_scraper.py').
- Sanitization: Employs 'BeautifulSoup' and 'markdownify' to parse and structure the scraped HTML content.
Audit Metadata