Skills
skills/bytedance/agentkit-samples/byted-byteplus-infoquest-search/Gen Agent Trust Hub

byted-byteplus-infoquest-search

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill uses environment variables (INFOQUEST_API_KEY) for authentication, following security best practices for credential management.
  • [COMMAND_EXECUTION]: Provides Python CLI scripts (scripts/search.py and scripts/extract.py) to interface with external web services.
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of the requests library via pip to facilitate HTTP communication.
  • [DATA_EXFILTRATION]: Communicates with external endpoints at reader.infoquest.bytepluses.com and search.infoquest.bytepluses.com. These are legitimate vendor-owned resources associated with the skill author, ByteDance.
  • [PROMPT_INJECTION]: The skill acts as an ingestion point for untrusted external data (search results and webpage content), which presents a surface for indirect prompt injection.
  • Ingestion points: Raw webpage content and search snippets are ingested into the agent context via the BytePlus API responses.
  • Boundary markers: Not present. Data is returned in JSON or formatted text blocks without explicit isolation instructions.
  • Capability inventory: The skill's scripts are restricted to making API calls and printing results; they do not possess dangerous capabilities like local file writes, subprocess execution, or arbitrary code evaluation.
  • Sanitization: The scripts perform field extraction and JSON parsing but do not sanitize the text content for potential injection patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 26, 2026, 03:03 PM