Skills
skills/oaustegard/claude-skills/fetching-blocked-urls/Gen Agent Trust Hub

fetching-blocked-urls

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes shell-based curl commands in a retry loop to interact with an external service.- [EXTERNAL_DOWNLOADS]: Fetches markdown-formatted web content from the Jina AI reader service (r.jina.ai) when standard fetch tools fail.- [PROMPT_INJECTION]: Creates an attack surface for indirect prompt injection from malicious instructions embedded in the fetched external web content.
  • Ingestion points: Markdown content retrieved via curl from r.jina.ai in SKILL.md.
  • Boundary markers: Absent; the fetched content is returned directly to the agent's context without delimiters or safety framing.
  • Capability inventory: Shell execution capabilities (curl) and native web tools.
  • Sanitization: No sanitization or content validation is performed on the data returned by the third-party service.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 08:24 AM