Skills
skills/nicepkg/ai-workflow/serpapi/Gen Agent Trust Hub

serpapi

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill uses bash -c to wrap curl commands. While this is used to address a specific environment bug and facilitate piping to jq, it involves executing shell commands which is a powerful capability.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill communicates with serpapi.com to fetch search results. This is the core functionality and targets a legitimate service, though it involves fetching external data.
  • [PROMPT_INJECTION] (LOW): The skill exhibits a surface for Indirect Prompt Injection (Category 8) because it retrieves search results (titles, snippets, and page content) from the public web.
  • Ingestion points: Search result snippets and organic results from various search engines via SerpApi.
  • Boundary markers: Absent; the skill returns filtered JSON but does not wrap content in delimiters or provide safety warnings to the agent.
  • Capability inventory: The skill has access to the network via curl and executes shell commands via bash -c.
  • Sanitization: Results are filtered using jq, which ensures structural integrity but does not sanitize the text content for potential malicious instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:13 PM