t3-hardware-scoring
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Python scripts (
scripts/crawl_product_info.pyandscripts/synthesize_results.py) via subprocess to automate the data collection and result synthesis workflow. - [DATA_EXFILTRATION]: The
scripts/crawl_product_info.pyscript performs network operations to fetch content from arbitrary external URLs provided at runtime. It also utilizes the well-known Jina AI Reader service (r.jina.ai) to retrieve markdown-formatted content. - [PROMPT_INJECTION]: The skill possesses a vulnerability surface for indirect prompt injection as it ingests untrusted content from external product pages. Ingestion points: Raw product data is fetched by
scripts/crawl_product_info.py. Boundary markers: While the skill uses source tagging (e.g., [S1]) and brand-blinding to structure data, it lacks explicit 'ignore instructions' delimiters for the ingested text. Capability inventory: The skill has capabilities for subprocess execution and outbound network requests. Sanitization: Basic HTML tag stripping is implemented inscripts/crawl_product_info.pyusing regular expressions.
Audit Metadata