defuddle
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill recommends installing the 'defuddle' package globally via npm. This introduces a dependency on external code from a source that is not a well-known service or trusted organization.
- [COMMAND_EXECUTION]: The skill instructions require the agent to execute shell commands using the 'defuddle' CLI tool to parse web pages.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes content from arbitrary external URLs which could contain malicious instructions.
- Ingestion points: Web content retrieved from external URLs provided to the 'defuddle parse' command.
- Boundary markers: No delimiters or isolation instructions are present to distinguish the fetched content from agent instructions.
- Capability inventory: Execution of shell commands via the 'defuddle' tool as specified in SKILL.md.
- Sanitization: The skill does not mention or implement any sanitization or validation of the content extracted from web pages before processing it.
Audit Metadata