multi-search-engine

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE | NO_CODE | PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill provides URL templates for 17 search engines (e.g., Google, Bing, DuckDuckGo) which return untrusted external content into the agent's context.
      • Ingestion points: Results from searches on Google, Bing, Baidu, and other engines are fetched via web_fetch.
      • Boundary markers: No delimiters or instructions to ignore embedded commands are suggested for processing the untrusted content.
      • Capability inventory: The skill is intended to be used with tools capable of fetching and parsing external web pages.
      • Sanitization: There are no instructions for sanitizing or validating the content retrieved from search results.
  • [PROMPT_INJECTION]: Unsafe Search Operator Examples. The documentation in 'references/international-search.md' includes search queries used for locating sensitive information.
      • Evidence: Examples such as 'intext:password filetype:txt' and 'inurl:login admin' are provided. These patterns are signature techniques for finding exposed credentials or administrative login pages.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 5, 2026, 07:56 AM