web-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE COMMAND_EXECUTION DATA_EXFILTRATION
Full Analysis
- [Command Execution] (SAFE): The script executes the curl binary via subprocess.run using a list of arguments (shell=False). This correctly prevents shell injection vulnerabilities, ensuring that search queries are treated strictly as data.
- [Data Exposure & Exfiltration] (LOW): The skill performs network operations to api.duckduckgo.com and api.tavily.com. While these are necessary for search functionality, these domains are not on the trusted whitelist for exfiltration analysis. No sensitive local files are accessed or transmitted.
- [Indirect Prompt Injection] (LOW): This skill ingests untrusted data from the internet. Ingestion points: API responses in scripts/web_search.py. Boundary markers: None. Capability inventory: Only performs network searches and returns results; has no file-write or system-modifying capabilities. Sanitization: Results are parsed into structured JSON.
- [Credentials Unsafe] (SAFE): The skill avoids hardcoded secrets by retrieving the Tavily API token from the TRAVILY_TOKEN environment variable.
Audit Metadata