Skills
skills/unifuncs/skills/unifuncs-search/Gen Agent Trust Hub

unifuncs-search

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill makes network requests to api.unifuncs.com to fetch search results. This is the primary function of the tool and uses the official API domain of the vendor.
  • [PROMPT_INJECTION]: The skill ingests and displays external content from the web, which is a standard feature of search tools and represents an inherent surface for indirect prompt injection.
  • Ingestion points: Web content is retrieved from the UniFuncs Search API within search.py.
  • Boundary markers: The output uses Markdown headers to structure results, but does not include explicit delimiters to isolate external text from agent instructions.
  • Capability inventory: The script is limited to network requests and terminal output; it cannot execute shell commands or access files beyond reading its own environment.
  • Sanitization: External data like snippets and page names are presented as provided by the API.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 08:34 AM