serper-search
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits search queries to serper.dev, which is a well-known service for search data. This transmission is necessary for the tool's primary purpose.\n- [PROMPT_INJECTION]: The skill retrieves untrusted data from the internet, which presents a risk of indirect prompt injection where malicious instructions in search results could influence agent behavior.\n
- Ingestion points: External search snippets and results retrieved from the Google Serper API.\n
- Boundary markers: No specific delimiters or 'ignore' instructions are defined to encapsulate the untrusted search output.\n
- Capability inventory: The skill defines search capabilities but does not include tools for system command execution or file modification.\n
- Sanitization: There is no mention of sanitization or filtering for the content returned by the search tool.
Audit Metadata