curl-md
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates downloading content and configurations from the official service at https://curl.md using tools like curl and npx.
- [COMMAND_EXECUTION]: It utilizes shell commands such as curl.md, md, curl, and npx to fetch data and install additional capabilities. These are standard operations for the service's functionality.
- [DATA_EXFILTRATION]: User-provided URLs are transmitted to the external curl.md endpoint for processing and conversion. This is the primary intended function of the skill.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes untrusted data from external websites.
- Ingestion points: External web content is retrieved via the curl.md CLI or HTTP endpoint as defined in SKILL.md.
- Boundary markers: The instructions lack explicit delimiters or warnings to the agent to ignore instructions embedded within the fetched markdown.
- Capability inventory: The skill has access to shell execution (curl, npx, curl.md) and network operations.
- Sanitization: There is no evidence of sanitization or content validation performed on the retrieved data before it is processed by the agent.
Audit Metadata