search-skill
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions to override agent behavior or bypass safety filters were found in the instructions or code.
- [Data Exposure & Exfiltration] (SAFE): The code interacts exclusively with a local database object passed at runtime and does not perform network operations or access sensitive system files like SSH keys or credentials.
- [Remote Code Execution] (SAFE): There are no patterns involving remote script fetching, package installations, or dynamic code evaluation (e.g., eval, exec, or subprocess calls).
- [Indirect Prompt Injection] (SAFE): The skill processes user-controlled search terms (keywords, tags). However, the evidence chain shows no dangerous capabilities (network, write access, or execution) that could be triggered by malicious strings in the data.
Audit Metadata