web-search
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted content from the public web via DuckDuckGo search results, which creates a potential surface for indirect prompt injection.
- Ingestion points: Data enters via the output of
scripts/search.pywhich fetches web snippets. - Boundary markers: There are no markers or instructions advising the agent to ignore instructions embedded in the search results.
- Capability inventory: The script has the capability to make network requests and write search results to local files.
- Sanitization: No sanitization of retrieved search result content is performed.
Audit Metadata