china-search
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes
curlcommands to fetch search results from well-known services including Baidu, Sogou, and Bing China. This is an expected operation for the skill's primary search functionality. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by ingesting raw HTML from external sources.
- Ingestion points: HTML content returned from search queries executed via
curlas specified inSKILL.md. - Boundary markers: Absent; the skill does not provide delimiters or instructions to treat fetched content as data only, increasing the risk of the agent following instructions embedded in search results.
- Capability inventory: Shell command execution for performing network requests.
- Sanitization: Absent; there are no defined validation or filtering steps for the raw HTML content before the agent processes it.
Audit Metadata