minimax-web-search
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes external data from web searches, which could contain malicious instructions designed to influence the agent's behavior.
- Ingestion points: Search result titles and snippets returned by the
web_searchtool (as defined inSKILL.md). - Boundary markers: Absent. There are no instructions or delimiters defined to separate untrusted search content from the agent's internal instructions.
- Capability inventory: The skill facilitates network requests to an external API host (
{api_host}/v1/coding_plan/search). - Sanitization: Absent. No evidence of content validation or sanitization for the retrieved snippets.
- [No Code] (SAFE): The skill consists entirely of markdown documentation and metadata; it does not include executable scripts or binaries that could perform malicious actions directly.
Audit Metadata