Security Audit
anysiteio/agent-skills:skills/anysite-competitor-intelligence
github.com/anysiteio/agent-skillsTrust Assessment
anysiteio/agent-skills:skills/anysite-competitor-intelligence received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 0 high, 1 medium, and 0 low severity. Key findings include Broad Web Scraping Capability via `webparser` Tool.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on April 1, 2026 (commit 5cefedb0). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| MEDIUM | Broad Web Scraping Capability via `webparser` Tool The skill provides access to a `webparser` tool through the `execute` meta-tool, specifically `execute("webparser", "parse", "parse", {"url": "..."})` and `execute("webparser", "sitemap", "sitemap", {"url": "..."})`. This capability allows the LLM to request and retrieve content from arbitrary URLs on the internet. If the LLM is compromised or manipulated through prompt injection, it could be directed to:
1. Perform unauthorized reconnaissance on arbitrary external targets.
2. Attempt to scrape sensitive information from internal network resources (if the agent has network access to them).
3. Potentially exfiltrate data by fetching content from a controlled external endpoint, although the skill description primarily focuses on data retrieval rather than direct sending.
This broad access to web content without explicit domain restrictions poses a risk for data exposure and unauthorized information gathering. 1. **Restrict `webparser` to a whitelist of allowed domains/IPs**: Limit the URLs the `webparser` can access to only those explicitly relevant for competitor intelligence (e.g., public company websites, social media domains, industry-specific news sites). Avoid allowing access to internal network addresses or arbitrary external domains. 2. **Implement strict input validation and sanitization for the `url` parameter**: Ensure that any URL provided to `webparser` conforms to expected patterns and does not contain malicious constructs or attempts to bypass restrictions. 3. **Isolate the `webparser` execution environment**: Run the web scraping component in a sandboxed environment with minimal network access to prevent lateral movement or access to sensitive internal resources. 4. **Require explicit user confirmation for `webparser` calls to new or sensitive domains**: For operations involving web scraping of domains not previously approved, prompt the user for approval before proceeding. | LLM | SKILL.md:300 |
Scan History
Embed Code
[](https://skillshield.io/report/8b19899bce353e9e)
Powered by SkillShield