web-search-perplexity
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The setup instructions include shell commands that use
python3to programmatically read and parse the~/.gooseworks/credentials.jsonfile to extract authentication tokens. - [EXTERNAL_DOWNLOADS]: The documentation references
npxcommands for installation and login, which download and execute packages from the npm registry at runtime. - [PROMPT_INJECTION]: The skill's core functionality involves fetching real-time data from web search results. This constitutes an indirect prompt injection surface where untrusted external content could attempt to override agent instructions.
- Ingestion points: Web search results and webpage content retrieved via Perplexity APIs (documented in
SKILL.md). - Boundary markers: No explicit delimiters or 'ignore' instructions are provided to separate retrieved content from the system prompt.
- Capability inventory: The skill utilizes
curlfor network requests andpython3for credential parsing (documented inSKILL.md). - Sanitization: No sanitization or validation of the retrieved web content is described in the instructions.
Audit Metadata