Skills
skills/fatwang2/search1api-cli/search1api/Gen Agent Trust Hub

search1api

Pass

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the search1api-cli package from the NPM registry. This tool is a vendor-provided utility for accessing the Search1API service.
  • [COMMAND_EXECUTION]: The skill invokes the s1 CLI tool to perform searches, crawl URLs, and retrieve news. User-provided queries and URLs are passed as arguments to this command in SKILL.md.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection through external data ingestion. \n
  • Ingestion points: Content is retrieved from external web sources via s1 crawl, s1 search, and s1 news commands as defined in SKILL.md. \n
  • Boundary markers: The instructions do not specify any boundary markers or delimiters to separate retrieved content from agent instructions, nor do they include warnings to ignore instructions embedded in the crawled data. \n
  • Capability inventory: The skill allows the execution of shell commands via the s1 utility (defined in SKILL.md). \n
  • Sanitization: There is no evidence of sanitization or filtering of the retrieved web content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 16, 2026, 12:36 PM