grok-search
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through web search results.
- Ingestion points: scripts/grok_search.py (line 527) processes content returned from the API which aggregates live web data.
- Boundary markers: Absent. The system prompts do not include delimiters or instructions to ignore embedded commands in the search data.
- Capability inventory: scripts/grok_search.py performs network requests via urllib and writes state to runtime/cooldowns.json.
- Sanitization: Absent. No filtering or sanitization of external content is performed.
- [EXTERNAL_DOWNLOADS]: The script performs network requests to an external API endpoint. Evidence: urllib.request.urlopen in scripts/grok_search.py connects to a user-defined or default base_url.
- [COMMAND_EXECUTION]: The skill requires running a local Python script which interacts with the file system and network. Evidence: scripts/grok_search.py reads configuration files and writes to runtime/cooldowns.json.
Audit Metadata