Skills
skills/hktitan/swiggy-cli/swiggy-search/Gen Agent Trust Hub

swiggy-search

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill interfaces with an external swiggy CLI to search for food, groceries, and dining reservations. It maps specific user intents to subcommands, utilizing parameters such as query strings, restaurant IDs, and city names for search operations.\n- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by processing untrusted data from Swiggy search results.\n
  • Ingestion points: Output from swiggy CLI commands processed in SKILL.md.\n
  • Boundary markers: None specified in the instructions.\n
  • Capability inventory: Shell execution of the swiggy tool for data retrieval.\n
  • Sanitization: No explicit sanitization of external content is described.\n The potential risk is mitigated by instructions that strictly limit the agent to information retrieval and explicitly forbid automated transactions, such as booking or adding items to a cart, without direct human intervention.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 03:22 PM