fetch4ai
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the third-party library 'crawl4ai' and its browser setup utility.
- [COMMAND_EXECUTION]: It executes a local Python script ('scripts/fetch4ai.py') via the Bash tool to perform web scraping.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests untrusted data from the internet. 1. Ingestion points: Arbitrary web content is fetched via the --url argument in 'scripts/fetch4ai.py'. 2. Boundary markers: The fetched content is returned in structured JSON or Markdown format. 3. Capability inventory: The agent has access to Bash, Read, and Write tools which could be exploited if an injection is successful. 4. Sanitization: No content sanitization is performed to detect or remove prompt injection strings from the scraped text.
Audit Metadata