baoyu-url-to-markdown

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill launches a local browser instance (Chrome, Edge, or Chromium) to render web pages.
    • Evidence: scripts/cdp.ts uses child_process.spawn to execute browser binaries found in standard system paths or environment variables.
  • [EXTERNAL_DOWNLOADS]: The skill connects to and retrieves content from user-provided external URLs.
    • Evidence: scripts/main.ts accepts a URL argument and scripts/cdp.ts uses CDP to navigate the browser to that remote resource.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from the internet.
    • Ingestion points: Web page content is ingested from arbitrary URLs passed to the main.ts script.
    • Boundary markers: Output is enclosed in a YAML frontmatter block in scripts/html-to-markdown.ts, providing some structural separation.
    • Capability inventory: The skill possesses file write permissions via fs.writeFile in scripts/main.ts and can spawn subprocesses via scripts/cdp.ts.
    • Sanitization: scripts/html-to-markdown.ts uses linkedom and turndown rules to remove potentially malicious elements like <script>, <style>, and <iframe> tags.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 11:41 PM