content-advisory
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches movie and TV show rating information from the Kids-In-Mind.com website to provide content breakdown details.
- [PROMPT_INJECTION]: Analysis of the surface for indirect prompt injection via scraped content.
- Ingestion points: The
scripts/content_advisory.pyfile fetches HTML content from external movie rating pages atkids-in-mind.com. - Boundary markers: Absent. The script processes text extracted from the website and displays it without explicit boundary delimiters for the agent.
- Capability inventory: The script performs network read operations and local file system writes to manage a cache file at
~/.clawdbot/content-advisory/cache.json. - Sanitization: The
clean_htmlfunction in the script removes HTML tags, strips script/style blocks, and decodes HTML entities to prepare the text for display. - Risk Assessment: As the content is sourced from a reputable, non-profit movie review service and the processing is necessary for the skill's primary function, the risk is negligible.
- [SAFE]: No malicious code, obfuscation, or unauthorized data exfiltration patterns were identified during the analysis.
Audit Metadata