Skills
skills/inference-sh/agent-skills/web-search/Gen Agent Trust Hub

web-search

Pass

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill references installation guides and related components hosted on the author's official GitHub repository (github.com/inference-sh/skills).
  • [PROMPT_INJECTION]: The skill processes untrusted web data, creating a surface for indirect prompt injection where malicious instructions on a webpage could influence agent behavior.
  • Ingestion points: Untrusted content is ingested into the agent context from the web via tavily/extract and exa/extract apps as seen in SKILL.md.
  • Boundary markers: The provided usage examples do not implement delimiters or isolation techniques to separate extracted web content from model instructions.
  • Capability inventory: The skill allows execution of various infsh apps which can perform data retrieval and aggregation across the platform.
  • Sanitization: No explicit sanitization or filtering of the fetched web content is described in the skill's workflows.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 14, 2026, 09:11 AM