baoyu-url-to-markdown

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses child_process.spawn to launch a browser instance (Chrome, Chromium, or Edge) for rendering web pages. This is the primary intended mechanism for capturing JavaScript-heavy content.
  • [EXTERNAL_DOWNLOADS]: Fetches data from remote URLs specified by the user and utilizes npx which may download the Bun runtime or dependencies during execution.
  • [PROMPT_INJECTION]: The skill processes untrusted web content, creating a surface for indirect prompt injection if the agent interprets the converted output as instructions.
      • Ingestion points: scripts/main.ts fetches and extracts content from arbitrary URLs.
      • Boundary markers: Output is prefixed with YAML metadata, but lacks explicit boundary delimiters instructing the agent to ignore embedded commands in the body.
      • Capability inventory: The skill can write files and execute browser subprocesses.
      • Sanitization: Implements robust filtering via turndown and linkedom to strip <script>, <iframe>, and other potentially malicious HTML tags before Markdown conversion.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 30, 2026, 04:17 PM