website2markdown
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill processes content from untrusted external URLs, which is a known vector for indirect prompt injection. \n
- Ingestion points: External web content is fetched and converted via the
md.genedai.meAPI. \n - Boundary markers: The skill does not explicitly define markers to delimit the untrusted content in the agent's context. \n
- Capability inventory: The skill uses
curlfor network requests but does not possess capabilities for file modification or system command execution based on fetched data. \n - Sanitization: Content conversion to Markdown occurs on the server-side API; the skill itself does not perform additional client-side sanitization. \n- [DATA_EXFILTRATION]: No unauthorized data exposure or exfiltration patterns were found. The transmission of URLs to the author's API is the core intended purpose of the skill and does not involve sensitive system data. \n- [REMOTE_CODE_EXECUTION]: No remote code execution vulnerabilities were identified. The implementation is restricted to safe, non-interactive network requests for content retrieval.
Audit Metadata