omnisearch

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill performs search operations using official API endpoints for Brave, Tavily, and Xpoz. All network communications are directed to legitimate service domains.\n- [SAFE]: The skill adheres to secure secret management practices by instructing users to configure API keys via environment variables.\n- [COMMAND_EXECUTION]: Orchestration between scripts is performed via subprocess.run calls. These calls are implemented securely using argument lists and disabling shell execution, effectively mitigating command injection risks.\n- [SAFE]: My analysis found no evidence of obfuscation, unauthorized data access, or malicious persistence mechanisms. The skill's behavior is consistent with its stated purpose.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:39 PM
Security Audit — agent-trust-hub — omnisearch