temu-competitor-search
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and parses untrusted HTML content from external Temu web pages to extract product details.
- Ingestion points: The script
scripts/scrape_temu.pyfetches and parses HTML content fromtemu.combased on user-provided keywords. - Boundary markers: The skill does not implement explicit boundary markers or system instructions to distinguish between the scraped data and the agent's core instructions.
- Capability inventory: The skill has the capability to perform network requests (
requests) and execute local scripts (scripts/scrape_temu.py). - Sanitization: While the script parses specific HTML elements like titles and prices using
beautifulsoup4, it does not sanitize the text content for potential malicious instructions hidden within product descriptions or metadata that could influence the agent's behavior. - [COMMAND_EXECUTION]: The skill includes a Python script
scripts/scrape_temu.pyand a shell scriptscripts/setup.shthat are intended to be executed within the agent's environment to perform the search and setup tasks. - [EXTERNAL_DOWNLOADS]: The
scripts/setup.shfile usespipto install well-known and standard third-party libraries (requests,beautifulsoup4) from the official Python Package Index (PyPI). These are standard dependencies for the skill's stated purpose.
Audit Metadata