tavily-web
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (MEDIUM): The installation command
npx skills add -g BenedictKing/tavily-webfetches content from a third-party GitHub repository. The author 'BenedictKing' is not on the list of trusted GitHub organizations or repositories, making the source unverified. - [REMOTE_CODE_EXECUTION] (MEDIUM): By installing the skill via
npx skills add, the user is executing logic defined by an external, untrusted author. This could lead to arbitrary code execution if the repository content is malicious. - [DATA_EXPOSURE & EXFILTRATION] (SAFE): The skill documentation correctly recommends configuring API keys through environment variables rather than hardcoding them, which follows security best practices.
- [INDIRECT PROMPT INJECTION] (LOW): As a web search and crawling tool, this skill is susceptible to indirect prompt injection.
- Ingestion points: Web content retrieved via Tavily API (SKILL.md).
- Boundary markers: None specified in the documentation.
- Capability inventory: Web search, content extraction, and crawling (SKILL.md).
- Sanitization: No mention of sanitizing or escaping the retrieved web content before it is processed by the agent.
Audit Metadata