Improve fetch webpage tool security messaging to clarify risks instead of labeling URLs as "untrusted" (microsoft#250048)

Copilot · TylerLeonhardt · web-flow · commit 3f8c26371f7f · 2025-05-30T08:43:06.000-07:00
* Initial plan for issue

* Update fetch webpage tool confirmation dialog to clarify security risks

- Remove "untrusted" language from dialog titles
- Add explicit warning about malicious code and prompt injection attacks
- Update both singular and plural confirmation messages
- Use MarkdownString for better formatting of warning messages

Co-authored-by: TylerLeonhardt &lt;2644648+TylerLeonhardt@users.noreply.github.com&gt;

* Replace emoji with info codicon in fetch webpage tool security warning

Co-authored-by: TylerLeonhardt &lt;2644648+TylerLeonhardt@users.noreply.github.com&gt;

* Separate localization strings from formatting in fetch webpage tool

Co-authored-by: TylerLeonhardt &lt;2644648+TylerLeonhardt@users.noreply.github.com&gt;

* add support Theme icons

---------

Co-authored-by: copilot-swe-agent[bot] &lt;198982749+Copilot@users.noreply.github.com&gt;
Co-authored-by: TylerLeonhardt &lt;2644648+TylerLeonhardt@users.noreply.github.com&gt;
Co-authored-by: Tyler Leonhardt &lt;tyleonha@microsoft.com&gt;
diff --git a/src/vs/workbench/contrib/chat/electron-sandbox/tools/fetchPageTool.ts b/src/vs/workbench/contrib/chat/electron-sandbox/tools/fetchPageTool.ts
@@ -138,11 +138,19 @@ export class FetchWebPageTool implements IToolImpl {
 			let confirmationTitle: string;
 			let confirmationMessage: string | MarkdownString;
 			if (urlsNeedingConfirmation.length === 1) {
-				confirmationTitle = localize('fetchWebPage.confirmationTitle.singular', 'Fetch untrusted web page?');
-				confirmationMessage = urlsNeedingConfirmation[0].toString();
+				confirmationTitle = localize('fetchWebPage.confirmationTitle.singular', 'Fetch web page?');
+				confirmationMessage = new MarkdownString(
+					urlsNeedingConfirmation[0].toString() + '\n\n$(info) ' +
+					localize('fetchWebPage.confirmationMessage.singular', 'Web content may contain malicious code or attempt prompt injection attacks.'),
+					{ supportThemeIcons: true }
+				);
 			} else {
-				confirmationTitle = localize('fetchWebPage.confirmationTitle.plural', 'Fetch untrusted web pages?');
-				confirmationMessage = new MarkdownString(urlsNeedingConfirmation.map(uri => `- ${uri.toString()}`).join('\n'));
+				confirmationTitle = localize('fetchWebPage.confirmationTitle.plural', 'Fetch web pages?');
+				confirmationMessage = new MarkdownString(
+					urlsNeedingConfirmation.map(uri => `- ${uri.toString()}`).join('\n') + '\n\n$(info) ' +
+					localize('fetchWebPage.confirmationMessage.plural', 'Web content may contain malicious code or attempt prompt injection attacks.'),
+					{ supportThemeIcons: true }
+				);
 			}
 			result.confirmationMessages = { title: confirmationTitle, message: confirmationMessage, allowAutoConfirm: true };
 		}
