ollama-web-search
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to perform web searches via a POST request to the official Ollama API endpoint (https://ollama.com/api/web_search). This behavior is consistent with the skill's stated purpose and targets a well-known service domain.
- [PROMPT_INJECTION]: The skill processes external data (web search results), which presents a surface for indirect prompt injection. If an attacker-controlled website appears in search results, it could contain instructions intended to mislead the AI agent.
  - Ingestion points: Search results are retrieved from the external API in scripts/search.mjs and passed to the agent.
  - Boundary markers: Results are output as a raw JSON string without specialized delimiters or instructions for the agent to ignore embedded content.
  - Capability inventory: The skill scripts are restricted to network requests and standard output; they do not contain logic for file system manipulation or shell command execution.
  - Sanitization: No sanitization or filtering is performed on the search result content before it is returned to the agent context.