tool-grok-search
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUM (PROMPT_INJECTION)
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill is designed to ingest and process content from external, attacker-controlled sources.
- Ingestion points: Untrusted data enters the agent context via the `grok_search` tool output (X posts, news articles, web content).
- Boundary markers: The skill definition does not specify delimiters or instructions to treat search results as untrusted data.
- Capability inventory: The tool itself is for retrieval, but its output (the 'Answer') is intended to influence agent reasoning and downstream decisions.
- Sanitization: No sanitization or filtering of external content is mentioned in the provided documentation.
- External References (LOW): The documentation references local source files (`src/agents/grok.ts`, `src/tools/grok-search.ts`) that were not provided for analysis. This limits the ability to verify implementation-level security such as API key handling or input validation.