Skills
skills/inferen-sh/skills/web-search/Gen Agent Trust Hub

web-search

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references a CLI installation script hosted on the vendor's official GitHub repository (inference-sh).
  • [COMMAND_EXECUTION]: The skill utilizes the infsh CLI for searching and npx for managing skill dependencies.
  • [PROMPT_INJECTION]: The skill processes untrusted web data, creating a surface for indirect prompt injection. * Ingestion points: Search results and extracted text from URLs (SKILL.md). * Boundary markers: None present in instructions. * Capability inventory: Shell execution via infsh tool. * Sanitization: No explicit validation or filtering of external content is described.
  • [SAFE]: No malicious patterns or security risks were identified. The functionality is consistent with the skill's stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 25, 2026, 04:34 PM