tavily-web
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires installation from an external GitHub repository (BenedictKing/tavily-web) which is not associated with the skill's author or a trusted vendor. This poses a risk as the code being executed is not provided for review in the skill package itself.
- [PROMPT_INJECTION]: The skill's function involves ingesting and processing untrusted data from the internet, which is a known vector for indirect prompt injection attacks.
  - Ingestion points: Web search results and content extracted from external URLs.
  - Boundary markers: None identified in the provided documentation.
  - Capability inventory: Performs network requests to the Tavily API and crawls web pages.
  - Sanitization: No methods for sanitizing or filtering untrusted input are mentioned.
Audit Metadata