web-reader

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The script relies on the unverified library z-ai-web-dev-sdk. Fetching data via unknown SDKs presents a supply chain risk where the execution logic is hidden from review.
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) by design as it ingests and processes untrusted web data.
    • Ingestion points: zai.functions.invoke('page_reader', { url }) in scripts/web-reader.ts fetches arbitrary content from the internet.
    • Boundary markers: No delimiters or safety instructions are used to separate fetched content from system instructions.
    • Capability inventory: Remote function calls to fetch external content with network access.
    • Sanitization: No sanitization of the retrieved HTML or text is performed before processing.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 17, 2026, 06:39 PM