Skills
skills/tavily-ai/skills/tavily-search/Gen Agent Trust Hub

tavily-search

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The documentation provides an installation command (curl -fsSL https://cli.tavily.com/install.sh | bash) to download and execute a script from the vendor's official domain (cli.tavily.com). This is a legitimate vendor-owned resource.
  • [COMMAND_EXECUTION]: The skill is configured to allow the agent to execute 'tvly' commands through the system bash shell, which is required for the tool's operation.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from the internet via web search results and full page content, representing an indirect prompt injection surface.
  • Ingestion points: Search result snippets and raw page content fetched by 'tvly search' (SKILL.md).
  • Boundary markers: No specific markers or 'ignore' instructions are present to distinguish search data from system instructions.
  • Capability inventory: The agent can execute commands via the 'tvly' CLI (SKILL.md).
  • Sanitization: The skill does not describe any specific sanitization or filtering of the external search content before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 06:44 PM