tavily
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Potential for Indirect Prompt Injection. The skill fetches content from the web via the Tavily API, which may contain malicious instructions designed to subvert the AI agent's logic.
- Ingestion points:
scripts/search.mjs(search results and snippets) andscripts/extract.mjs(raw web content). - Boundary markers: Absent. The skill does not use specific delimiters or instructions to the agent to treat the retrieved content as data rather than instructions.
- Capability inventory: Low risk. The skill scripts do not have access to the file system or process management, limiting the potential impact of an injection.
- Sanitization: Absent. Web content is passed through to the agent without escaping or filtering.
Audit Metadata