xcrawl-scrape

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs node -e to execute inline JavaScript for reading the local configuration file and parsing API response data.
  • [DATA_EXFILTRATION]: Reads the XCRAWL_API_KEY from the local file ~/.xcrawl/config.json and transmits it to the vendor's API endpoint (run.xcrawl.com) for authentication. This is consistent with the skill's stated functionality.
  • [EXTERNAL_DOWNLOADS]: Communicates with the vendor API at https://run.xcrawl.com and retrieves content from arbitrary URLs provided by the user.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external websites, creating a risk of indirect prompt injection.
      • Ingestion points: Scraped content is retrieved from the XCrawl API results in the SKILL.md workflows.
      • Boundary markers: No specific boundary markers or instructions are provided to the agent to ignore instructions embedded in the retrieved web content.
      • Capability inventory: The skill is granted access to tools including curl, node, and file manipulation commands (Read, Write, Edit, Grep).
      • Sanitization: The skill returns raw response bodies from the API without sanitization or filtering.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 10:00 AM