agentic-search

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill interacts exclusively with legitimate, well-known service providers (xAI, Tavily, and Firecrawl) to perform web research and content retrieval.
  • [SAFE]: Local session management is handled via JSON files stored in the system's temporary directory (tempfile.gettempdir()). The skill includes an LRU (Least Recently Used) pruning mechanism to cap the number of cached sessions, preventing potential disk space exhaustion.
  • [SAFE]: External dependencies are managed using standard PEP 723 inline script metadata, restricted to widely-used and audited libraries such as httpx and tenacity.
  • [SAFE]: The dynamic module loading (__import__("pathlib")) identified by static analysis is a benign implementation detail used to resolve local file paths relative to the script's location, ensuring portability across different environments.
  • [SAFE]: The skill correctly implements ast.literal_eval() and json.loads() for parsing structured data, avoiding unsafe evaluation of untrusted strings.
  • [SAFE]: Prompts are focused on research methodology, citation adherence, and formatting fidelity, with no evidence of instructions aimed at bypassing AI safety guardrails or extracting sensitive system information.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 04:19 PM
Security Audit — agent-trust-hub — agentic-search