tavily-web
Warn
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation instructions require fetching code from an untrusted third-party GitHub repository ('BenedictKing/tavily-web') that is not associated with the declared author ('claudiodearaujo') or any trusted organization. This creates a dependency on an unverified source.
- [PROMPT_INJECTION]: The skill processes untrusted external data through web crawling and search, creating a surface for indirect prompt injection where malicious content on websites could influence agent behavior.
  - Ingestion points: Web search results and website content extracted via the Tavily API.
  - Boundary markers: No boundary markers or delimiters are specified in the documentation to distinguish untrusted web content from system instructions.
  - Capability inventory: The skill allows for web searching, content extraction, and crawling.
  - Sanitization: No evidence of content sanitization or validation of retrieved external data before processing.
Audit Metadata