tgw-search

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local Python script scripts/dual_search.py to perform searches, manage configuration, and check system status.
  • [DATA_EXFILTRATION]: The skill transmits user-provided search queries to external API endpoints for Perplexity (api.perplexity.ai) and Tavily (api.tavily.com). This is the intended primary purpose of the skill.
  • [EXTERNAL_DOWNLOADS]: The documentation (references/search-config.md) advises users to install the standard requests Python library via pip if it is not already present on the system.
  • [PROMPT_INJECTION]: The skill ingests and processes untrusted data from the open web (search results), which presents an indirect prompt injection surface.
  • Ingestion points: Search results from Perplexity and Tavily are parsed in scripts/dual_search.py and returned to the agent context.
  • Boundary markers: The script formats results into Markdown headers and lists but does not implement specific delimiters to isolate external content from instructions.
  • Capability inventory: The skill has the capability to write to the local file system (config and data directories) and execute shell commands.
  • Sanitization: The skill does not perform specific sanitization or filtering of the retrieved web content beyond basic formatting.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 02:26 AM
Security Audit — agent-trust-hub — tgw-search