perplexity-api
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill makes network requests to the official Perplexity AI API (api.perplexity.ai), a well-known and legitimate service for search-augmented language model responses.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection vulnerabilities.
- Ingestion points: Untrusted external data enters the system through the search results fetched from the web via the Perplexity API (noted in Concrete Usage Examples).
- Boundary markers: There are no explicit markers or instructions provided in the example code or integration notes to delimit external content or instruct the model to ignore instructions within that content.
- Capability inventory: The skill demonstrates network communication capabilities using the Python
requestslibrary (documented in Usage Patterns). - Sanitization: No sanitization, validation, or escaping of the fetched API content is described in the integration or error handling sections.
Audit Metadata