web-fetch-to-markdown
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implementation is consistent with its stated purpose as a web utility. No obfuscation, persistence mechanisms, or unauthorized privilege escalation patterns were detected in the provided files.
- [EXTERNAL_DOWNLOADS]: The skill performs network requests to fetch external web content. It includes instructional guardrails to restrict usage to public http(s) sources and to avoid access-controlled content.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it ingests untrusted external web data for model consumption. 1. Ingestion points: Web content is fetched from arbitrary URLs via the fetchmd utility. 2. Boundary markers: The skill relies on natural language instructions rather than technical delimiters to isolate fetched content. 3. Capability inventory: The skill has network access for fetching and can write output to the local file system. 4. Sanitization: The tool normalizes content into clean Markdown, which helps strip away potentially malicious HTML/JS structures.
Audit Metadata