tavily-search

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill provides tools for web search, crawling, and research through the Tavily API. All network requests are directed to the official API endpoints at api.tavily.com.
  • [CREDENTIALS_UNSAFE]: The skill utilizes the TAVILY_API_KEY environment variable for authentication, which is the standard and secure method for managing API credentials. No hardcoded secrets were detected.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted web content from the Tavily API, which is inherent to its purpose as a search and extraction tool.
      • Ingestion points: Raw web content and search results are ingested and displayed to the agent in scripts/search.mjs, scripts/extract.mjs, scripts/crawl.mjs, and scripts/research.mjs.
      • Boundary markers: The scripts output content directly without explicit delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill scripts lack high-risk capabilities such as file system modification, shell command execution, or dynamic code evaluation, which significantly limits the potential impact of indirect injection.
      • Sanitization: Web content is retrieved and displayed as provided by the API without additional escaping or sanitization.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 01:38 PM