serpapi
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
curlfor making HTTP requests to the SerpApi service andjqfor parsing the structured JSON responses. This is a standard and safe way to handle API interactions in a command-line environment. - [EXTERNAL_DOWNLOADS]: Fetches search results from
serpapi.com, a well-known and reputable service for scraping search engine data. The interactions are limited to the official API endpoints. - [PROMPT_INJECTION]: The skill processes external search data, which is an inherent surface for indirect prompt injection. However, it mitigates this by using
jqto extract only specific, structured fields from the API response (e.g., titles, links, snippets), reducing the likelihood of processing raw malicious instructions embedded in web content.
Audit Metadata