clean-content-fetch

Pass

Audited by Gen Agent Trust Hub on May 29, 2026

Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to manage a Python virtual environment and execute a local script (scrapling_fetch.py). These instructions use absolute paths specific to a single user environment (/Users/zzd/...), which may lead to execution failures or path confusion on other systems.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it fetches and processes content from arbitrary external URLs:
      • Ingestion points: External web content is ingested through URLs provided to the scrapling_fetch.py script, as documented in SKILL.md.
      • Capability inventory: The skill uses subprocess execution of Python scripts and browser automation via Playwright to fetch data.
      • Sanitization: html2text is used to convert HTML to Markdown, but this conversion does not filter out malicious natural-language instructions that might target the LLM.
      • Boundary markers: No explicit boundary markers or instructions are provided to the agent to treat the fetched content as untrusted or to ignore instructions embedded within the processed text.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 29, 2026, 04:27 PM
Security Audit — agent-trust-hub — clean-content-fetch