internet-search
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses 'curl', 'jq', and 'python3' to interact with the Rebyte API and process search data. It also executes a local authentication binary at '/home/user/.local/bin/rebyte-auth'.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes untrusted data from the internet.
- Ingestion points: Search result titles and snippets returned from the API in SKILL.md.
- Boundary markers: No markers are present to distinguish search results from system instructions.
- Capability inventory: Shell command execution via 'curl', 'jq', and 'python3'.
- Sanitization: Search results are not sanitized or escaped before being presented to the agent.
- [DATA_EXFILTRATION]: Accesses sensitive vendor configuration at '/home/user/.rebyte.ai/auth.json' and retrieves an authentication token via '/home/user/.local/bin/rebyte-auth'. This information is used to authorize requests to the API endpoint defined in the configuration.
Audit Metadata