omnisearch
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill performs search operations using official API endpoints for Brave, Tavily, and Xpoz. All network communications are directed to legitimate service domains.\n- [SAFE]: The skill adheres to secure secret management practices by instructing users to configure API keys via environment variables.\n- [COMMAND_EXECUTION]: Orchestration between scripts is performed via subprocess.run calls. These calls are implemented securely using argument lists and disabling shell execution, effectively mitigating command injection risks.\n- [SAFE]: My analysis found no evidence of obfuscation, unauthorized data access, or malicious persistence mechanisms. The skill's behavior is consistent with its stated purpose.
Audit Metadata