Skills
skills/memtensor/skills-vote/curl-search/Gen Agent Trust Hub

curl-search

Pass

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes the agent to indirect prompt injection by processing untrusted external content.
  • Ingestion points: Search result data retrieved from various web engines in scripts/search.sh.
  • Boundary markers: Absent. Content from the web is returned to the agent without delimiters or instructions to ignore embedded commands.
  • Capability inventory: Execution of curl, python3, and text processing tools like sed and grep as seen in scripts/search.sh.
  • Sanitization: The script strips HTML tags but does not filter for malicious natural language instructions.
  • [COMMAND_EXECUTION]: Shell commands are used to process queries and fetch results.
  • Invokes curl for network requests and python3 -c for URL encoding.
  • Employs a sanitization function to remove shell metacharacters from user input.
  • [EXTERNAL_DOWNLOADS]: Connects to external search providers (Google, Bing, Baidu, DuckDuckGo) to fetch content, which is the intended behavior of the skill.
  • [DATA_EXFILTRATION]: Transmits the user's search query to third-party search engine providers.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 8, 2026, 06:21 AM
Security Audit — agent-trust-hub — curl-search