datasheets-search-api
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill implements excellent security hygiene by mandating the use of runtime-managed credentials and explicitly forbidding the storage or disclosure of API keys in chat or prompt context.
- [SAFE]: Network activity is properly restricted to the authenticated search endpoint of the vendor's official domain.
- [PROMPT_INJECTION]: The skill contains a standard indirect prompt injection surface through the processing of user-provided search terms and external API responses. This is considered low risk and essential to the skill's primary search function.
- Ingestion points: Ingests user input via the 'q' parameter and external data from the Datasheets.com API response (SKILL.md).
- Boundary markers: None identified. The instructions do not specify delimiters for external content.
- Capability inventory: HTTP GET requests to https://www.datasheets.com/api/v1/search (SKILL.md, references/examples.md).
- Sanitization: No explicit sanitization or escaping instructions are provided for result rendering.
Audit Metadata