url-to-markdown
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches converted markdown content from the established service
r.jina.aiandmarkdown.newas a fallback. - [COMMAND_EXECUTION]: Executes a local Python script
scripts/url_to_md.pyto manage network requests and save files to the local directory using standard library modules. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its processing of untrusted external content.
- Ingestion points: Untrusted data enters the agent context through URL fetching via
urllib.request.urlopeninscripts/url_to_md.py. - Boundary markers: Absent. The script retrieves raw content and saves it directly to a file without applying protective delimiters or instructions to ignore embedded commands.
- Capability inventory: The script possesses capabilities for network retrieval and local file writing via
_write_outputinscripts/url_to_md.py. - Sanitization: None. The content is saved exactly as received from the conversion service without any filtering or validation of the Markdown body.
Audit Metadata