create-tldr-page

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from external, user-provided URLs using #tool:fetch as part of its core functionality. It also references example tldr pages from a non-authoritative third-party GitHub repository (jhauga/tldr). While this is used for reference, it introduces a dependency on external content not controlled by the skill author.
  • [PROMPT_INJECTION]: The skill contains a self-referential instruction requiring the agent to provide a summary of its own prompt instructions when a help flag (like --help) is detected. This is a form of controlled prompt extraction.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8):
    • Ingestion points: Content is ingested from user-supplied documentation URLs via #tool:fetch (specified in SKILL.md).
    • Boundary markers: No explicit boundary markers or "ignore embedded instructions" warnings are used when processing the fetched content.
    • Capability inventory: The skill is designed to analyze documentation and generate markdown text; no high-risk capabilities like command execution or file-system writes were identified in the logic.
    • Sanitization: No sanitization or validation of the fetched documentation content is mentioned before it is processed by the agent. To mitigate this, external content should be wrapped in clear delimiters with instructions for the agent to treat it as data only.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 19, 2026, 02:45 PM