nimble-web-search
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- Data Exfiltration (LOW): The skill transmits search queries and an API key to
https://nimble-retriever.webit.live/search. While necessary for functionality, this involves a non-whitelisted external domain. - Indirect Prompt Injection (LOW): The skill processes untrusted search results from the web, which creates a surface for indirect prompt injection attacks.
- Ingestion points: Search result data retrieved via
scripts/search.shand the integration examples inexamples/basic-search.md. - Boundary markers: Absent; search results are returned as raw JSON or strings without protective delimiters or instructions to ignore embedded commands.
- Capability inventory: The skill utilizes network access (
curl,requests,fetch) and executes local bash scripts. - Sanitization: Absent; the skill does not filter or sanitize the content of search results before providing them to the agent.
- Command Execution (SAFE): The skill uses bash scripts to wrap API calls. These scripts are standard and use
jqfor safe JSON handling, althoughscripts/validate-query.shcontains a minor JSON injection vulnerability via shell variable interpolation in the request body.
Audit Metadata