tavily-usage
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill retrieves content from external websites, which could contain malicious instructions designed to influence the agent's logic.
- Ingestion points: Data returned from
mcp__tavily__tavily-extractand search results. - Boundary markers: None specified in the skill markdown to separate system instructions from external data.
- Capability inventory: The skill processes and analyzes extracted content to fulfill user requests.
- Sanitization: No content sanitization or validation steps are described.
- Command Execution (LOW): The skill references a local Python script
tavily_extract_to_advanced.pyas a hook to modify API call parameters, which involves local code execution. - External Network Access (LOW): The skill performs legitimate network operations to the Tavily API and various websites to retrieve information.
Audit Metadata