tavily
Warn
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (MEDIUM): The skill processes untrusted data from external websites via the search and extraction scripts.
- Ingestion points:
scripts/search.mjsandscripts/extract.mjsfetch content from arbitrary URLs and search queries. - Boundary markers: None visible in the provided files to delimit untrusted web content from system instructions.
- Capability inventory: The skill provides content to the agent context, which can influence subsequent agent actions or data exfiltration via other tools.
- Sanitization: No evidence of sanitization or filtering of malicious LLM instructions within the fetched web content.
Audit Metadata