tavily-research

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The script scripts/research.sh utilizes npx -y mcp-remote to download and run a utility for OAuth authentication from the npm registry.
  • [COMMAND_EXECUTION]: Executes shell utilities including curl, jq, and base64 within scripts/research.sh to handle API requests and data parsing.
  • [DATA_EXFILTRATION]: Reads sensitive credential files from ~/.mcp-auth/ in scripts/research.sh. It implements a check to verify the JWT issuer is https://mcp.tavily.com/ before usage.
  • [PROMPT_INJECTION]: Vulnerable to indirect prompt injection from third-party web content.
      • Ingestion points: External research data ingested via curl in scripts/research.sh.
      • Boundary markers: Absent; research results are returned as raw text or structured JSON.
      • Capability inventory: Network requests via curl and local file writing in scripts/research.sh.
      • Sanitization: Absent; external data is not sanitized before being returned to the agent context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 08:18 AM