tavily-web-search
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill facilitates interactions with the Tavily Search API (https://api.tavily.com/search), a well-known and legitimate service for AI-optimized web searches. It provides implementation examples using the standard Python `requests` library and `curl` for API communication.
- [SAFE]: Authentication is handled securely via the `$TAVILY_API_KEY` environment variable. This approach avoids the risk of hardcoded credentials and follows standard security protocols for secret management.
- [PROMPT_INJECTION]: The skill includes an inherent attack surface for indirect prompt injection as its core function is to ingest and synthesize external web content.
  - Ingestion points: Untrusted data enters the agent context via the results returned by the Tavily API call in `SKILL.md`.
  - Boundary markers: There are no explicit delimiters or specific instructions provided in the snippets to prevent the agent from following commands embedded in the search results.
  - Capability inventory: The skill utilizes network capabilities to communicate with the Tavily endpoint.
  - Sanitization: No sanitization or filtering logic for the retrieved web content is implemented in the provided examples.
Audit Metadata