valyu-search
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a shell script wrapper (scripts/valyu) to manage path resolution and execute the underlying Node.js CLI tool. This allows the agent to interact with the Valyu API through standard command-line interfaces.
- [EXTERNAL_DOWNLOADS]: Documentation points to several official integrations and libraries (e.g., @valyu/ai-sdk, langchain-valyu, llama-index-tools-valyu) used to expand the skill's capabilities to other frameworks. The internal logic of the skill itself relies only on built-in Node.js modules.
- [PROMPT_INJECTION]: As a search and content extraction tool, this skill is susceptible to indirect prompt injection.
  - Ingestion points: External data fetched from the web via the Valyu API.
  - Boundary markers: The tool returns responses in JSON format.
  - Capability inventory: The script performs network operations and local file writes for configuration.
  - Sanitization: Content retrieved from external sources is not sanitized by the script before being passed to the agent.
- [SAFE]: API key handling is implemented securely. Keys are obtained from the environment or a user-initiated setup process that stores them in ~/.valyu/config.json. The script does not access unauthorized directories or perform suspicious network activity outside of its documented API endpoints.
Audit Metadata