fetch-url-as-markdown

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill fetches content from arbitrary external URLs and presents it to the agent, which can lead to indirect prompt injection if the source content contains malicious instructions.
      • Ingestion points: The scripts/fetch_url.py script downloads raw HTML/text data from user-supplied URLs.
      • Boundary markers: Absent. The output is provided directly as Markdown without protective delimiters or instructions to the agent to ignore embedded commands.
      • Capability inventory: The agent is instructed to execute local Python scripts and invoke other MCP tools (like Exa) based on the input.
      • Sanitization: The skill uses the trafilatura library to extract main text and convert it to Markdown, which removes code tags but does not filter semantic instructions.
  • [COMMAND_EXECUTION]: The skill workflow requires the agent to execute a bundled Python script (fetch_url.py) and suggests installing dependencies via pip install --break-system-packages trafilatura.
  • [EXTERNAL_DOWNLOADS]: The core functionality of the skill involves downloading content from remote, user-defined URLs using the trafilatura library.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 10:57 PM