not-human-search-mcp
Pass
Audited by Gen Agent Trust Hub on Apr 18, 2026
Risk Level: SAFE
EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration connects to a remote MCP server hosted at https://nothumansearch.ai/mcp. This is required for the skill's primary functionality but establishes a dependency on the availability and integrity of the external service.
- [DATA_EXFILTRATION]: The register_monitor tool is designed to collect and transmit a user's email address to the nothumansearch.ai infrastructure for the purpose of domain monitoring. While the skill instructions specify that this should only be done with explicit user consent, it represents a path for PII (Personally Identifiable Information) collection.
- [PROMPT_INJECTION]: The skill processes data from a remote search index and inspects third-party websites (via search_agents, get_site_details, and verify_mcp). This introduces a surface for indirect prompt injection, as data retrieved from these external sources could contain malicious instructions designed to influence the agent's subsequent actions.
  - Ingestion points: Results from search_agents, get_site_details, get_stats, and verify_mcp (SKILL.md).
  - Boundary markers: None identified in the prompt templates.
  - Capability inventory: No local execution capabilities are defined in the skill itself; however, the tool is used to discover other services which the agent may subsequently interact with.
  - Sanitization: No explicit sanitization or validation of the remote search results is documented within the skill instructions.
Audit Metadata