baoyu-url-to-markdown
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill launches a local web browser (Chrome, Chromium, or Edge) using `child_process.spawn` to render target URLs for content extraction. It attempts to find these binaries in standard system paths or respects a user-defined `URL_CHROME_PATH` environment variable.
- [PROMPT_INJECTION]: As the skill processes content from arbitrary external URLs, it creates an indirect prompt injection surface. Malicious instructions embedded in a target webpage could potentially influence the agent if it subsequently interprets the generated markdown. The skill mitigates this by using sanitization logic to remove executable tags like `<script>`, `<style>`, and `<iframe>` before processing.
Audit Metadata