defuddle
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the user or agent to install an external dependency 'defuddle' via the npm package manager.
- [COMMAND_EXECUTION]: The skill invokes the 'defuddle' command-line tool to process URLs and can write resulting content to local files (e.g., via the -o flag).
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes untrusted content from external web pages. Ingestion points: Untrusted data enters the agent context via URLs parsed by the defuddle CLI. Boundary markers: None are defined to separate the extracted content from instructions. Capability inventory: The skill uses subprocess execution of the defuddle CLI and has the ability to write to the file system. Sanitization: There is no logic provided to sanitize or filter the extracted web content for malicious instructions.
Audit Metadata