Skills
skills/nordz0r/skills/ollama-search/Gen Agent Trust Hub

ollama-search

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill interacts with external APIs to fetch web data.
  • Evidence: Requests are sent to https://ollama.com/api/web_search and https://ollama.com/api/web_fetch using curl in scripts/ollama-search.sh and scripts/ollama-fetch.sh.
  • [COMMAND_EXECUTION]: The skill requires the execution of system binaries to function.
  • Evidence: Uses bash, curl, and jq as specified in the SKILL.md metadata and implemented in the scripts/ directory.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted content from the internet.
  • Ingestion points: Web search snippets and full page content are ingested via scripts/ollama-search.sh and scripts/ollama-fetch.sh.
  • Boundary markers: Absent; the skill instructions in SKILL.md advise the agent to summarize results without providing specific delimiters or warnings to ignore embedded instructions.
  • Capability inventory: The agent can execute shell commands (bash, curl, jq) via the OpenClaw environment.
  • Sanitization: The scripts use jq to parse structured JSON, but the raw text content from external websites is passed to the model without further sanitization or filtering.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 10:05 AM