fetching-blocked-urls
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill sends target URLs to
https://r.jina.ai. This involves sharing potentially sensitive data (such as URLs with session tokens or internal addresses) with a third-party service not listed in the trusted sources. - [Indirect Prompt Injection] (LOW): The skill is designed to fetch and convert external web content into markdown for the agent to process. This creates a vulnerability surface where malicious instructions on external websites could influence agent behavior. No explicit boundary markers or sanitization steps are defined to mitigate this.
- [Command Execution] (LOW): Employs a bash loop and
curlto handle retries. While the commands are localized and hardcoded to the Jina service, it represents a pattern of script execution for network operations.
Audit Metadata