The Agent Skills Directory

[DATA_EXFILTRATION]: The script scripts/search.py performs network operations to https://qianfan.baidubce.com/v2/ai_search/web_search. This is the official endpoint for Baidu's AI search services, and its use is strictly limited to the skill's documented search functionality.
[CREDENTIALS_UNSAFE]: The skill securely handles authentication by requiring the BAIDU_API_KEY to be set as an environment variable. No hardcoded API keys, tokens, or other sensitive secrets were found in the source code or metadata.
[PROMPT_INJECTION]: The skill facilitates the ingestion of external data from web search results via scripts/search.py. 1. Ingestion points: External content is fetched from the Baidu API and assigned to the results variable. 2. Boundary markers: No explicit delimiters are added to the search result output. 3. Capability inventory: The script is limited to network POST requests to the Baidu API and standard library operations. 4. Sanitization: The script removes the snippet field but does not sanitize the remaining content; however, the data is returned in a structured JSON format which helps the agent distinguish search results from instructions.

baidu-search