clean-content-fetch

Warn

Audited by Snyk on May 29, 2026

Risk Level: MEDIUM
Full Analysis

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

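  • Third-party content exposure detected (high risk: 0.85). At runtime the skill accepts a user-supplied <url>, fetches the page body via scrapling/curl_cffi/playwright, and then uses html2text to extract the page HTML/body into readable Markdown text that enters the LLM context. That text may therefore contain outsider free text, i.e. external body content from public web pages or arbitrary URLs.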

Issues (1)

W011 (MEDIUM): Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata

Risk Level: MEDIUM
Analyzed: May 29, 2026, 04:27 PM
Issues: 1
Security Audit — snyk — clean-content-fetch