qiaomu-smart-search
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's primary function is to instruct the agent to execute shell commands using the `opencli` utility. It guides the agent to perform pre-execution checks (`opencli list`), fetch live help (`opencli <site> -h`), and conduct searches on numerous external platforms.
- [PROMPT_INJECTION]: The skill introduces a surface for indirect prompt injection. By fetching and interpreting content from diverse external websites via `opencli`, the agent is exposed to untrusted data that could contain malicious instructions. The skill lacks explicit sanitization or boundary markers (e.g., XML tags or clear 'ignore' instructions) for the ingested search content, relying on the agent's internal safety filters.
Audit Metadata