web-search-perplexity

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The setup instructions include shell commands that use python3 to programmatically read and parse the ~/.gooseworks/credentials.json file to extract authentication tokens.
  • [EXTERNAL_DOWNLOADS]: The documentation references npx commands for installation and login, which download and execute packages from the npm registry at runtime.
  • [PROMPT_INJECTION]: The skill's core functionality involves fetching real-time data from web search results. This constitutes an indirect prompt injection surface where untrusted external content could attempt to override agent instructions.
  • Ingestion points: Web search results and webpage content retrieved via Perplexity APIs (documented in SKILL.md).
  • Boundary markers: No explicit delimiters or 'ignore' instructions are provided to separate retrieved content from the system prompt.
  • Capability inventory: The skill utilizes curl for network requests and python3 for credential parsing (documented in SKILL.md).
  • Sanitization: No sanitization or validation of the retrieved web content is described in the instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:18 AM
Security Audit — agent-trust-hub — web-search-perplexity