tavily-web
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill performs network requests to api.tavily.com to fetch web search results and extract content. These operations are essential to the skill's primary function and target a well-known service. No unauthorized data transmission or exfiltration of sensitive local files was detected.
- [CREDENTIALS_UNSAFE]: API key handling is implemented securely. The instructions direct users to set the TAVILY_API_KEY as an environment variable and include specific prohibitions against hardcoding or sharing keys in the chat interface.
- [SAFE]: The skill processes external web data, which constitutes an indirect prompt injection surface.
- Ingestion points: Search results and extracted content from the Tavily API (referenced in SKILL.md and all files in references/).
- Boundary markers: The instructions do not define explicit delimiters or 'ignore instructions' markers for the external data.
- Capability inventory: The agent uses retrieved information for synthesis and providing citations. It does not possess capabilities to execute code, write files, or perform privilege escalation based on this data.
- Sanitization: No explicit sanitization or filtering of the web content is performed by the skill logic.
Audit Metadata