image-fetcher
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection by processing untrusted data from the web.
  - Ingestion points: The skill retrieves content through the web_search tool and by navigating to external URLs using the Playwright browser interface (SKILL.md).
  - Boundary markers: There are no instructions to use delimiters or ignore embedded commands within the content retrieved from external sites.
  - Capability inventory: The skill can perform web searches, navigate a browser, capture screenshots, and write files to the reference/ and output/ directories (SKILL.md).
  - Sanitization: The skill implements proactive safety filters to block the file:// protocol and prevent access to localhost or private IP ranges (127.0.0.1, 10.x, 192.168.x), which mitigates common SSRF and file exfiltration vectors.