perplexity-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION] (SAFE): The skill processes user search queries which are sent to the OpenRouter API. While this presents a theoretical surface for indirect prompt injection, it is the primary intended function of the skill and there are no high-impact capabilities (e.g., shell access) that would make this a significant threat. \n
- Ingestion points:
args.queryinscripts/perplexity_search.py.\n - Boundary markers: Absent.\n
- Capability inventory: Performs network requests to OpenRouter and provides optional file writing via the
--outputargument.\n - Sanitization: Absent.\n- [CREDENTIALS_UNSAFE] (SAFE): The skill uses environment variables or a
.envfile for its API key. No hardcoded credentials were found; only placeholders are used in the provided example and setup scripts.\n- [EXTERNAL_DOWNLOADS] (SAFE): The skill depends on thelitellmPython package. It checks for its presence and provides installation instructions but does not perform automated installation or download external scripts.
Audit Metadata