tavily-best-practices

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, CREDENTIALS_UNSAFE
Full Analysis
  • Indirect Prompt Injection (LOW): The skill fetches web content via the Tavily API, which introduces a surface for indirect prompt injection where malicious data from external websites could influence agent behavior. (1) Ingestion points: Content is retrieved using search(), extract(), and crawl() methods. (2) Boundary markers: Absent in implementation examples. (3) Capability inventory: Extracted content is passed to LLMs in frameworks like LangChain and CrewAI as seen in references/integrations.md. (4) Sanitization: No sanitization of web content is demonstrated in the snippets.
  • External Downloads (SAFE): Recommends installing legitimate, well-known packages from PyPI and npm.
  • Credentials Unsafe (SAFE): Mentions storage of API keys and database URIs using standard placeholders and following documentation best practices.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 04:38 PM