Skills
skills/ckckck/ultimatesearchskill/ultimate-search/Gen Agent Trust Hub

ultimate-search

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Orchestrates search and content retrieval tasks through Shell scripts that utilize curl for API interaction and jq for JSON processing.
  • [EXTERNAL_DOWNLOADS]: Downloads Docker images from the well-known GitHub Container Registry (ghcr.io) and interacts with official API endpoints for search services including Tavily, FireCrawl, and xAI.
  • [PROMPT_INJECTION]: Possesses an indirect prompt injection surface as the skill is designed to ingest untrusted data from public websites via web-fetch.sh. This is addressed by rigorous 'Evidence Standards' in SKILL.md which instruct the agent to cross-verify all external facts and remain skeptical of single-source information.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 03:30 AM