search
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute curl and jq commands for interacting with the search API and processing JSON responses.
- [EXTERNAL_DOWNLOADS]: Communicates with official vendor endpoints at https://api.browserbase.com/v1/search and https://api.browserbase.com/v1/fetch to retrieve web data.
- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection where malicious instructions could be embedded in search results.
- Ingestion points: Search result metadata (titles, URLs) ingested via curl in SKILL.md and EXAMPLES.md.
- Boundary markers: Present. Documentation includes specific Safety Notes instructing the agent to treat search results as untrusted input.
- Capability inventory: Includes the ability to execute shell commands, perform network requests, and write content to the local filesystem using redirection as demonstrated in EXAMPLES.md.
- Sanitization: Employs sed in EXAMPLES.md to sanitize URLs before they are used as filenames, reducing the risk of path traversal or illegal character issues.
Audit Metadata