web-search

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface. The skill demonstrates workflows where results from web searches are interpolated into LLM prompts without explicit sanitization or boundary markers. Ingestion points: Data returned from search and extraction apps in SKILL.md. Boundary markers: None present in the workflow examples. Capability inventory: Bash tool used for executing CLI commands. Sanitization: No sanitization steps are documented for external content.
  • [COMMAND_EXECUTION]: The skill requests permission for the Bash tool to run the infsh CLI, which is required for its intended search and extraction operations.
  • [EXTERNAL_DOWNLOADS]: The skill references the installation of the infsh CLI via npm, which is a standard delivery method for the platform's official tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 06:37 PM