ultimate-search
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill pulls multiple Docker images to establish its search infrastructure.
  - Fetches `ghcr.io/flaresolverr/flaresolverr` for Cloudflare challenge bypass.
  - Downloads `ghcr.io/chenyme/grok2api` and `ghcr.io/xuncv/tavilyproxymanager` to handle API aggregation and load balancing.
  - Connects to the well-known `firecrawl.dev` API as a fallback for web scraping operations.
- [COMMAND_EXECUTION]: The skill provides a set of shell scripts (`grok-search.sh`, `tavily-search.sh`, `web-fetch.sh`, `web-map.sh`, `dual-search.sh`) that the agent executes via Bash to perform search and retrieval tasks.
- [PROMPT_INJECTION]: Analysis of `SKILL.md` reveals specific behavioral instructions for the agent, such as prioritizing X/Twitter for certain queries and requiring cross-verification of facts. These are functional guidelines for the skill's operation and do not attempt to bypass agent safety filters.
- [CREDENTIALS_UNSAFE]: The skill manages sensitive data like Grok SSO tokens and Tavily API keys. It uses a local `.env` file and a dedicated `import-keys.sh` script to securely load these into local services. The documentation explicitly warns the agent against echoing these sensitive values in the conversation context.
- [DATA_EXPOSURE]: The skill is configured to bind its internal service ports (8100 and 8200) to `127.0.0.1` by default, preventing external access to the local API aggregation services.
Audit Metadata