clean-web-markdown
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches content from external, user-provided URLs and interacts with well-known technology services including Jina Reader (r.jina.ai) and Firecrawl (api.firecrawl.dev).
- [COMMAND_EXECUTION]: The skill triggers the execution of a local Python script
scripts/fetch_markdown.pyto handle URL normalization and retrieval logic. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it retrieves untrusted data from the internet. 1. Ingestion points: Web content is fetched in
scripts/fetch_markdown.py. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are used in the output. 3. Capability inventory: The skill utilizes network access and script execution. 4. Sanitization: Fetched content is returned to the agent without sanitization or filtering.
Audit Metadata