AI Search Toolkit
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches and adds the 'use-agently' skill from the developer's GitHub repository and installs the 'use-agently' package globally from the NPM registry.
- [COMMAND_EXECUTION]: Instructs the user to run shell commands for initializing the Agently CLI, performing system checks, and managing wallet balances for API usage.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it ingests and synthesizes untrusted content from various external search engines (Brave, Exa, Tavily, Perplexity, X) and web scraping tools (Jina, Firecrawl).
- Ingestion points: Data from diverse search queries and full-page content extraction from arbitrary URLs are fed into the synthesis phase.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the retrieval prompts.
- Capability inventory: The skill leverages multiple tool calls to fetch data, extract content, and perform markdown rendering.
- Sanitization: There is no evidence of filtering or sanitizing the retrieved web content before it is processed by the agent for report generation.
Audit Metadata