ollama-web

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS

Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from the internet via search results and web page content.
      • Ingestion points: API responses from https://ollama.com/api/web_search and https://ollama.com/api/web_fetch (defined in SKILL.md).
      • Boundary markers: Absent. The instructions do not require the agent to wrap external content in delimiters or to ignore instructions found within it.
      • Capability inventory: Execution of curl commands in the shell environment to interact with web APIs (defined in SKILL.md).
      • Sanitization: Absent. There are no instructions to sanitize or filter the content returned by the API before the agent processes it.
  • [COMMAND_EXECUTION]: Uses shell commands, specifically curl, to perform HTTP POST requests. This relies on the agent's underlying environment to safely handle shell interpolation of variables and user input.
  • [EXTERNAL_DOWNLOADS]: Interacts with official API endpoints at https://ollama.com to fetch search results and webpage content as part of its primary functionality.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 17, 2026, 08:33 PM