xai-x-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill correctly manages credentials by using os.getenv('XAI_API_KEY') instead of hardcoding secrets. It only communicates with the legitimate xAI API endpoint.
- [Prompt Injection] (SAFE): No instructions attempting to override agent behavior or bypass safety filters were detected in the documentation or code snippets.
- [Indirect Prompt Injection] (LOW):
  1. Ingestion points: The skill retrieves untrusted content from X (Twitter) posts.
  2. Boundary markers: The prompt templates do not include explicit delimiters or instructions to ignore embedded commands.
  3. Capability inventory: The skill is designed for searching and summarization and lacks destructive capabilities like file writing or arbitrary command execution.
  4. Sanitization: Retrieved content is processed directly without sanitization.
- [Obfuscation] (SAFE): The content is clear and contains no encoded strings, hidden characters, or homoglyphs.
- [Dynamic Execution] (SAFE): Use of f-strings for prompt construction is standard and does not involve unsafe evaluation of code.
Audit Metadata