Skills
skills/terrylica/cc-skills/article-extractor/Gen Agent Trust Hub

article-extractor

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the Bash tool to run specific local scripts including mql5_extract.py and scripts/official_docs_extractor.py for its core functionality.\n- [EXTERNAL_DOWNLOADS]: The skill uses curl to fetch content from mql5.com. Although this is limited to the specific target domain, it involves interaction with an external network resource not on the primary whitelist.\n- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) due to the ingestion of external web data.\n
  • Ingestion points: Articles and documentation are downloaded from mql5.com and processed into the agent's workspace.\n
  • Boundary markers: There are no specified delimiters or 'ignore' instructions provided to the agent to prevent it from following commands potentially embedded in the scraped HTML or Markdown.\n
  • Capability inventory: The agent has access to Bash, Grep, and Glob tools, which could be exploited if malicious instructions are present in the extracted articles.\n
  • Sanitization: The skill documentation does not describe any sanitization or validation of the article text before it is presented to or used by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 28, 2026, 03:53 AM