skills/family3253/skill/tavily-crawl/Gen Agent Trust Hub

tavily-crawl

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [EXTERNAL_DOWNLOADS] [REMOTE_CODE_EXECUTION] [DATA_EXFILTRATION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The scripts/crawl.sh script executes several system utilities including curl, jq, base64, and sed for API communication and data formatting.
  • [EXTERNAL_DOWNLOADS]: The skill downloads the mcp-remote tool from the npm registry via npx and makes outbound requests to official Tavily API domains (api.tavily.com, mcp.tavily.com).
  • [REMOTE_CODE_EXECUTION]: The script uses npx -y mcp-remote to execute a remote tool at runtime to facilitate the OAuth authentication flow.
  • [DATA_EXFILTRATION]: The script accesses the ~/.mcp-auth/ directory to read and validate authentication tokens. This is part of the standard Model Context Protocol (MCP) workflow for maintaining service sessions.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from external websites during the crawl process. This content is saved as local markdown, representing an Indirect Prompt Injection surface should the agent later read and follow instructions contained within that content.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 15, 2026, 08:18 AM