The Agent Skills Directory

[PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted content from various web search engines and provides it to the agent. Ingestion points: Web search results retrieved via the SerpApi API (documented in SKILL.md and rules/response.md). Boundary markers: No specific markers are used to separate incoming data from instructions. Capability inventory: The skill enables reading web data via the SerpApi toolset but does not implement file system writes or arbitrary code execution within its instructions. Sanitization: No sanitization of search results is specified before they are processed by the agent.
[EXTERNAL_DOWNLOADS]: The instructions describe installing the official SerpApi CLI via Homebrew and various SDKs through standard package registries (NPM, PyPI, RubyGems).
[COMMAND_EXECUTION]: Provides examples for executing the serpapi command-line utility to perform web searches and manage account settings.
[DATA_EXFILTRATION]: Performs network communication with the serpapi.com domain to retrieve search results, which is the intended purpose of the tool, and uses a user-provided API key for authentication.

serpapi-web-search