Skills
skills/iannuttall/skills/get-url/Gen Agent Trust Hub

get-url

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill utilizes npx to download and execute the playbooks package from the NPM registry. This is a standard method for running Node.js-based utility tools.
  • [COMMAND_EXECUTION]: The skill executes shell commands using npx playbooks get to retrieve content from specified URLs.
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest data from external web pages, which represents an indirect prompt injection surface.
  • Ingestion points: Content retrieved from the user-provided <url> in SKILL.md.
  • Boundary markers: Not specified in the instructions.
  • Capability inventory: Shell command execution via npx used to fetch and potentially save external content.
  • Sanitization: No sanitization of the fetched markdown content is performed by the skill itself before being presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 07:42 PM