Skills
skills/desearch-ai/desearch-openclaw-skills/desearch-crawl/Gen Agent Trust Hub

desearch-crawl

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill retrieves content from arbitrary external URLs, which may contain malicious instructions designed to manipulate the agent logic.\n
  • Ingestion points: Page content returned in scripts/desearch.py from the crawl command.\n
  • Boundary markers: Absent; the skill returns raw content without delimiters or explicit instructions to the agent to ignore embedded commands.\n
  • Capability inventory: Network requests (urllib) to the Desearch API.\n
  • Sanitization: Absent; the content is returned as plain text or HTML without filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 03:07 PM