web-fetch
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes common command-line utilities including
curl,grep,sed,mkdir, andpandocto automate the process of fetching, parsing, and storing web content locally.- [EXTERNAL_DOWNLOADS]: Instructions include references to installing well-known software and packages likepandoc,lynx,w3m, and thehtml2textPython package from standard, trusted package managers and registries.- [PROMPT_INJECTION]: The skill processes data from external, untrusted web sources which presents a surface for indirect prompt injection. - Ingestion points: Fetches content from external URLs provided by the user or identified in documents.
- Boundary markers: Fetched content is saved to local files; no specific delimiters or warnings for subsequent LLM processing are defined in the patterns.
- Capability inventory: Includes network access (
curl), file system operations (mkdir, redirection), and text manipulation (sed,grep). - Sanitization: Relies on third-party conversion services (Jina AI Reader) or standard format conversion tools; does not include explicit filtering for malicious instructions embedded in the source articles.
Audit Metadata