google-image-crawler
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to crawl external web data (Google Image search results) including image titles and source URLs. This creates a surface for indirect prompt injection where malicious content on a webpage could influence the agent's behavior if it processes the crawler's output.
- Ingestion points: `scripts/crawl.py` extracts data from web search results.
- Boundary markers: None; search results are returned as structured JSON but without delimiters to warn downstream LLM processing.
- Capability inventory: Network access for crawling and file system writes for saving results.
- Sanitization: The provided scripts do not show sanitization of retrieved titles or metadata.
- [Unverifiable Dependencies] (SAFE): The core logic for the crawler (`core/crawler.py`) is missing from the provided files. However, the interface in `scripts/crawl.py` and the configuration management in `core/config.py` do not exhibit malicious patterns or suspicious execution methods like `eval` or `subprocess` calls on untrusted data.
Audit Metadata