clean-web-markdown

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from external, user-provided URLs and interacts with well-known technology services including Jina Reader (r.jina.ai) and Firecrawl (api.firecrawl.dev).
  • [COMMAND_EXECUTION]: The skill triggers the execution of a local Python script scripts/fetch_markdown.py to handle URL normalization and retrieval logic.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it retrieves untrusted data from the internet. 1. Ingestion points: Web content is fetched in scripts/fetch_markdown.py. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are used in the output. 3. Capability inventory: The skill utilizes network access and script execution. 4. Sanitization: Fetched content is returned to the agent without sanitization or filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 01:45 PM
Security Audit — agent-trust-hub — clean-web-markdown