tavily-dynamic-search

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The skill provides an installation command for the Tavily CLI: curl -fsSL https://cli.tavily.com/install.sh | bash. This pattern downloads and executes a script from the official vendor domain.
  • [COMMAND_EXECUTION]: The skill instructs the agent to run shell commands and Python code using heredocs. It utilizes subprocess.check_output to interact with the local tvly tool and manage search data.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from processed web content. Evidence:
      1. Ingestion points: Web data entering via tvly search and tvly extract in SKILL.md.
      2. Boundary markers: The skill encourages context isolation by filtering data in a local Python process before it reaches the AI context.
      3. Capability inventory: Use of python3, subprocess, and file writes to /tmp/.
      4. Sanitization: The skill provides examples of manual keyword filtering and structural cleaning to reduce noise and potentially malicious content.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 08:36 PM