serpapi
Pass
Audited by Gen Agent Trust Hub on Apr 21, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill connects to serpapi.com, a well-known service, to perform search queries. It passes the search terms and the SERPAPI_API_KEY as query parameters in the request URL. While common for this specific service, credentials in URLs are less secure as they may be logged by intermediate systems.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes snippets, titles, and other data from various external search engines and websites.
- Ingestion points: Search results are fetched from the SerpAPI search endpoint in scripts/serp.py and returned to the agent context.
- Boundary markers: No specific boundary markers or instruction-ignoring delimiters are used when presenting the search results to the agent.
- Capability inventory: The skill performs network requests using the urllib.request module and reads configuration from local files.
- Sanitization: The skill does not perform any sanitization or validation of the text content retrieved from the external engines.
Audit Metadata