Skills
skills/echosell/keyapi-skills/keyapi-google-search/Gen Agent Trust Hub

keyapi-google-search

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a local Node.js script (scripts/run.js) to execute search queries. This script handles network communication with the MCP server and manages local file system operations for caching results.
  • [CREDENTIALS_UNSAFE]: The skill manages the KEYAPI_TOKEN by reading from environment variables or a local .env file. The script includes a convenience feature to prompt for the token and save it locally if it is missing, which is a standard pattern for developer tools.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the documented KeyAPI endpoint (https://mcp.keyapi.ai) to retrieve search data. All network activity is directed to the service provider's infrastructure.
  • [DATA_EXPOSURE]: The skill implements a local cache in the .keyapi-cache/ directory. This directory stores JSON responses from search queries, which may include snippets of web content. Users should be aware that search history is persisted locally.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 24, 2026, 12:09 PM