defuddle
Warn
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill retrieves content from defuddle.md, an unvetted third-party proxy service that is not part of the author's identified infrastructure or the trusted vendors list.
- [COMMAND_EXECUTION]: The skill uses curl to perform network operations. While it specifies silent and redirect flags, routing traffic through an unvetted intermediary introduces a dependency on an external service's integrity.
- [DATA_EXFILTRATION]: User-provided URLs are transmitted to defuddle.md to facilitate content extraction. This reveals the user's browsing patterns and any potentially sensitive information contained within the URL parameters to an external third-party.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it fetches untrusted external content and processes it without security controls.
- Ingestion points: Markdown content returned by defuddle.md in the curl command within SKILL.md.
- Boundary markers: Absent. The instructions do not recommend the use of delimiters or 'ignore' instructions for the fetched content.
- Capability inventory: The skill uses curl for network fetching; the agent then interprets the resulting text.
- Sanitization: Absent. There is no evidence of validation or sanitization of the fetched Markdown before it is consumed by the agent.
Audit Metadata