Skills
skills/acedatacloud/skills/google-search/Gen Agent Trust Hub

google-search

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill documentation describes how to interact with the AceDataCloud Google SERP API. All network requests are directed to the vendor's official domains (api.acedata.cloud and serp.mcp.acedata.cloud).
  • [SAFE]: Authentication is handled via environment variables (ACEDATACLOUD_API_TOKEN), which is a recommended practice for preventing credential exposure in code or logs.
  • [EXTERNAL_DOWNLOADS]: The skill references the mcp-serp Python package for use with the Model Context Protocol (MCP). This package is part of the vendor's ecosystem for search functionality.
  • [SAFE]: The skill has a surface for indirect prompt injection as it ingests untrusted data from the web.
  • Ingestion points: Search results (organic results, snippets, news headlines) returned from the Google SERP API.
  • Boundary markers: None explicitly defined in the API usage instructions provided in the skill.
  • Capability inventory: No direct subprocess or file-write capabilities are defined within this skill file, though it provides data to an agent that may possess such tools.
  • Sanitization: No specific sanitization or filtering of search results is described in the provided documentation, which is typical for a search-oriented tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 03:28 AM
Security Audit — agent-trust-hub — google-search