volcengine-search
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill follows secure patterns for secret management, prioritizing environment variables and providing a template for .env files. The primary functionality is restricted to performing HTTP POST requests to the legitimate Volcengine API endpoint.
- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by retrieving search results from the public internet.
  - Ingestion points: External content from the web is ingested through the web_search and web_search_summary functions in scripts/volcengine_search.py.
  - Boundary markers: The skill does not implement specific delimiters or safety instructions to separate search results from the agent's core instructions.
  - Capability inventory: The script utilizes the requests library for network operations but does not have access to file system writes or subprocess execution.
  - Sanitization: No sanitization of the search result content is performed prior to its integration into the agent's context.
Audit Metadata