internet-search

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses 'curl', 'jq', and 'python3' to interact with the Rebyte API and process search data. It also executes a local authentication binary at '/home/user/.local/bin/rebyte-auth'.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes untrusted data from the internet.
  • Ingestion points: Search result titles and snippets returned from the API in SKILL.md.
  • Boundary markers: No markers are present to distinguish search results from system instructions.
  • Capability inventory: Shell command execution via 'curl', 'jq', and 'python3'.
  • Sanitization: Search results are not sanitized or escaped before being presented to the agent.
  • [DATA_EXFILTRATION]: Accesses sensitive vendor configuration at '/home/user/.rebyte.ai/auth.json' and retrieves an authentication token via '/home/user/.local/bin/rebyte-auth'. This information is used to authorize requests to the API endpoint defined in the configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 05:39 PM
Security Audit — agent-trust-hub — internet-search