web-content-fetcher
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references external utility services, specifically
r.jina.ai(Jina Reader) anddefuddle.md, to facilitate web content extraction and Markdown conversion. These are well-known services commonly used for providing LLM-friendly content from dynamic or advertisement-heavy websites. - [PROMPT_INJECTION]: The skill facilitates the ingestion of content from arbitrary third-party URLs, which introduces a surface for indirect prompt injection.
- Ingestion points: Untrusted data enters the agent context via content fetched from user-specified or searched URLs in
SKILL.md. - Boundary markers: The instructions do not explicitly mandate the use of delimiters or instructions to ignore embedded commands within the fetched content.
- Capability inventory: The agent processes the fetched content for display or transformation tasks, using tools like
WebFetchandWebSearch. - Sanitization: There is no explicit requirement for the agent to sanitize or filter the content before processing.
Audit Metadata