tavily-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to fetch content from external, untrusted web sources through tools like
tavily_extract,tavily_search, andtavily_crawl. - Ingestion points: Web page content and search snippets enter the agent's context through
tavily_extract,tavily_search,tavily_crawl, andtavily_research(SKILL.md). - Boundary markers: None identified in the skill instructions to separate external content from internal logic.
- Capability inventory: The skill allows the agent to perform extensive web operations including multi-page crawling and deep research across multiple sources (SKILL.md).
- Sanitization: No explicit sanitization or instruction-ignoring patterns are provided for handling malicious instructions embedded in fetched web content.
Audit Metadata