tavily
Warn
Audited by Snyk on Mar 9, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). This skill fetches and ingests live, public web content via the Tavily API (see SKILL.md and scripts/search.mjs / scripts/extract.mjs which call https://api.tavily.com/search and /extract) and instructs the agent to parse and summarize the returned "content" and "raw_content" (including an AI-generated answer), so untrusted third‑party pages can directly influence its outputs and actions.
Audit Metadata