tavily-extract
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
curlbinary to send POST requests to the Tavily API, which is standard for API-based tools. - [EXTERNAL_DOWNLOADS]: The skill communicates with the
api.tavily.comdomain to retrieve web content. Tavily is a well-known service for search and data extraction, and this interaction is expected for the skill's functionality. - [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection because it is designed to ingest and process data from external, untrusted web pages.
- Ingestion points: External web content is retrieved and provided to the agent through the
raw_contentfield in the API response as seen in SKILL.md. - Boundary markers: The skill documentation does not define specific boundary markers or instructions to isolate the retrieved content from the agent's instruction context.
- Capability inventory: The skill uses
curlfor making network requests to the Tavily API. - Sanitization: No explicit sanitization or filtering of the fetched web content is performed by the skill itself.
Audit Metadata