perplexity-search
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill performs legitimate web-search operations through a reputable third-party API (OpenRouter).
- [CREDENTIALS_UNSAFE]: The skill correctly handles credentials by requiring the user to set an
OPENROUTER_API_KEYenvironment variable. It does not hardcode any secrets and provides a clear setup guide using placeholders. - [COMMAND_EXECUTION]: The
scripts/searchwrapper andscripts/search.mjsutilize standard Node.js and Bash patterns for script execution and argument parsing. It does not useeval()orexec()with untrusted input. - [EXTERNAL_DOWNLOADS]: The skill makes a network request to
https://openrouter.ai/api/v1/chat/completions, which is a well-known service for LLM API access. This is documented neutrally as a functional requirement. - [DATA_EXFILTRATION]: No sensitive data access or exfiltration patterns were identified. Network operations are limited to the intended API provider for processing user queries.
- [PROMPT_INJECTION]: The query building logic (
buildSotaQuery,buildRecentQuery) uses template literals to wrap user input with research instructions. While this creates a surface for indirect prompt injection, it is used for functional steering and is considered a low-risk, standard practice for LLM agent skills.
Audit Metadata