AVID-2026-R0423
Description
TheLibrarian.io Internal Cloud Environment Access via web_fetch Tool
Details
The web_fetch tool is intended to accept a public URL and retrieve its contents. When asked to retrieve content from a private destination (such as http://localhost), the AI rightly refuses. Unfortunately, it can be easily tricked and subverted: when given encoded or non-obvious variations of such a destination, the AI does not validate the input and proceeds to point its fetching client inward, thereby exposing internal information.
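A mitigation sketch for the validation gap described above, as an added example that is not TheLibrarian.io's or Mindgard's code: the check runs in the tool's own code path instead of relying on the model's refusal, and it judges the resolved address rather than the URL string. The names `check_fetch_target`, `is_public`, `resolve_all` and the sample hostnames are assumptions made for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

def resolve_all(host, port):
    """Default resolver: every address the OS would connect to for host."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return [info[4][0] for info in infos]

def is_public(addr):
    """True only for globally routable unicast addresses."""
    ip = ipaddress.ip_address(addr.split("%")[0])  # drop any IPv6 zone id
    if isinstance(ip, ipaddress.IPv6Address) and ip.ipv4_mapped:
        ip = ip.ipv4_mapped  # judge ::ffff:a.b.c.d by its IPv4 address
    return ip.is_global and not ip.is_multicast

def check_fetch_target(url, resolver=resolve_all):
    """Return (host, port, pinned_ip) if url may be fetched, else raise ValueError.

    The decision is made on the resolved addresses, so the way the host is
    spelled in the URL (encoding, alternate notation, DNS name) is irrelevant.
    """
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        raise ValueError("scheme not allowed")
    host = parts.hostname
    if not host:
        raise ValueError("no host in URL")
    port = parts.port or (443 if parts.scheme == "https" else 80)
    try:
        addrs = resolver(host, port)
    except OSError as exc:
        raise ValueError("host does not resolve") from exc
    # Reject if ANY resolved address is internal, not just the first one.
    if not addrs or not all(is_public(a) for a in addrs):
        raise ValueError("destination is not a public address")
    # The caller must connect to this IP (not re-resolve the name) and run
    # the same check again on every redirect hop.
    return host, port, addrs[0]

if __name__ == "__main__":
    # Constructed sample: hypothetical names mapped to addresses, no DNS used.
    sample = {"public.example": ["93.184.216.34"], "inward.example": ["127.0.0.1"]}
    print(check_fetch_target("https://public.example/", lambda h, p: sample[h]))
```

Pinning the returned address for the actual connection matters because a name that resolves to a public address at check time can resolve differently at fetch time.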
References
- Mindgard Disclosure
- TheLibrarian.io’s AI Security Is Checked Out, and Their Disclosure Response Is Overdue
Affected or Relevant Artifacts
- Developer: TheLibrarian.io
- Deployer:
- Artifact Details:
| Type | Name |
|---|---|
| System | TheLibrarian.io |
Impact
- (none)
Other information
- Report Type: Advisory
- Credits: Aaron Portnoy, Mindgard
- Date Reported: 2025-10-10
- Version: 0.3.1
- AVID Entry