The Agent Skills Directory

[DATA_EXFILTRATION]: The script scripts/crawl.py accesses the .env file in the current working directory to load configuration. Accessing environment files is a security risk as they frequently contain sensitive credentials and private keys.
[DATA_EXFILTRATION]: The skill uses crawl.981234.xyz as its default service endpoint. This is an unknown, non-standard domain that is not a well-known service, which could result in the exposure of crawled URLs and authentication tokens to a third party.
[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It fetches content from arbitrary external URLs and returns it as Markdown to the LLM without applying boundary markers or sanitization, potentially allowing malicious content on the web to manipulate agent behavior.

crawl4ai-fetch