uapi-post-web-tomarkdown-async
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection by facilitating the processing of external web content via the
urlparameter. Malicious instructions could potentially be embedded in the source webpages converted by the API. - Ingestion points:
urlquery parameter inreferences/operations/post-web-tomarkdown-async.md. - Boundary markers: No delimiters or explicit instructions to ignore embedded content are provided.
- Capability inventory: The skill contains no executable scripts, file-write capabilities, or local system tools.
- Sanitization: No instructions for escaping or validating the external content are included.
- [EXTERNAL_DOWNLOADS]: The skill is configured to interact with the external domain
uapis.cnto perform its primary web-to-markdown conversion task. This communication is essential to the skill's intended purpose.
Audit Metadata