zhipu web fetch

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends a user-provided URL to Zhipu's Reader API and returns parsed page content.

Install only if you are comfortable sending requested URLs and resulting page-processing metadata to Zhipu's service under your API key. Avoid private, token-bearing, internal, regulated, or secret-containing URLs unless that sharing is approved, and treat fetched page text as untrusted source material rather than instructions.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium (96% confidence)
Finding
The skill description encourages users to submit arbitrary URLs for fetching but does not clearly warn that those URLs and the fetched page contents are transmitted to Zhipu's external Reader API. This creates a privacy and data-handling risk because users may provide internal, sensitive, or regulated content without informed consent.

Missing User Warnings

Medium (83% confidence)
Finding
The script transmits the user-supplied URL, fetch options, and authorization credential to a remote third-party service without any explicit runtime disclosure or consent beyond minimal help text. This can expose sensitive internal URLs, private targets, or user intent metadata to the provider, which is a meaningful privacy and data-governance risk in an agent skill context.

VirusTotal

56/56 vendors flagged this skill as clean.
