web-search

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill instructions require reading the user's API key from a local configuration file at ~/.gooseworks/credentials.json. This key is subsequently used in the Authorization header for all network requests to the external service at api.gooseworks.ai.
  • [COMMAND_EXECUTION]: The setup and search examples utilize shell commands, specifically python3 for JSON parsing of local credentials and curl for making authenticated HTTP requests to the proxy API.
  • [EXTERNAL_DOWNLOADS]: The skill facilitates the retrieval of content from various external platforms (Tavily, Exa, Andi, Linkup, Valyu, SearchAPI) through a centralized proxy, which involves downloading potentially large volumes of untrusted data from the web.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to the ingestion of untrusted external content.
  • Ingestion points: External search results, website content, and platform-specific data (YouTube comments, product descriptions) retrieved via the search APIs defined in SKILL.md.
  • Boundary markers: The instructions do not define delimiters or warnings to treat search results as untrusted data.
  • Capability inventory: The skill executes network operations using curl. The resulting untrusted data is returned to the agent context.
  • Sanitization: No sanitization or filtering logic is specified for the data returned from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 06:17 AM
Security Audit — agent-trust-hub — web-search