tavily
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes content retrieved from the live web.
  * Ingestion points: External web content is ingested via the scripts/tavily_search.py script.
  * Boundary markers: There are no explicit delimiters or instructions defined in the documentation to isolate search results from the agent's core instructions.
  * Capability inventory: The skill performs network operations via the tavily-python library.
  * Sanitization: The skill does not appear to sanitize or filter the content retrieved from external sources before presenting it to the agent.
- [EXTERNAL_DOWNLOADS]: The skill interacts with the well-known Tavily API (api.tavily.com) and recommends installing the official tavily-python library for its functionality.
- [COMMAND_EXECUTION]: The skill operates by executing a local Python script, scripts/tavily_search.py, which serves as the primary interface for search operations.