alphaear-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability in
references/PROMPTS.md. - Ingestion points: The
Search Cache Relevanceprompt interpolates untrusted data via the{candidates_desc}variable, which contains contents from previous searches and local news. - Boundary markers: There are no boundary markers or delimiters separating the untrusted content from the system instructions.
- Capability inventory: The skill has web search and content extraction capabilities (
scripts/content_extractor.py). - Sanitization: No sanitization or filtering of external content is performed before interpolation into the prompt.
- [EXTERNAL_DOWNLOADS] (LOW): The skill performs legitimate web requests to
https://r.jina.ai/and other search providers for its primary function. - [DATA_EXFILTRATION] (SAFE): No evidence of hardcoded credentials or unauthorized access to sensitive files like SSH keys or environment configuration. API keys are managed through environment variables.
- [COMMAND_EXECUTION] (SAFE): No dangerous shell command execution or arbitrary subprocess spawning detected.
- [METADATA_POISONING] (SAFE): Metadata is descriptive and matches the skill's code behavior, though
scripts/search_tools.pyis referenced but missing from the package.
Audit Metadata