scrapeninja
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill correctly uses the
vm0_secretsmanifest for theSCRAPENINJA_API_KEY. Network communication is restricted to legitimate API endpoints atrapidapi.comandapiroad.net. No unauthorized data access or exfiltration patterns were found.\n- [Command Execution] (SAFE): While the skill utilizesbash -candcurl, these are standard for making API requests and handling environment variables within the agent's environment. The usage is transparent and limited to the stated purpose.\n- [Indirect Prompt Injection] (LOW): As a scraping tool, this skill inherently processes untrusted data from the internet which could contain adversarial instructions.\n - Ingestion points: Content retrieved from scraped URLs in
curlresponses.\n - Boundary markers: None identified in the provided templates.\n
- Capability inventory: Ability to write temporary files to
/tmp, execute shell commands viabash -c, and perform network operations.\n - Sanitization: The skill does not perform sanitization of the scraped content before returning it to the agent.
Audit Metadata