perplexity-search
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external web search results and AI-synthesized answers from Perplexity. This creates a surface for indirect prompt injection where malicious instructions embedded in web pages could influence the agent's behavior.
  - Ingestion points: Output from scripts/mcp/perplexity_search.py (Perplexity API responses).
  - Boundary markers: No markers or warnings are defined to distinguish external content from agent instructions.
  - Capability inventory: The skill utilizes Bash and Read tools to execute code and read local environment configurations.
  - Sanitization: No sanitization or validation of the ingested search data is documented.
- [COMMAND_EXECUTION]: The skill relies on executing a local Python script scripts/mcp/perplexity_search.py via uv run. This script is external to the analyzed skill file but is a vendor-provided resource for the skill's primary functionality.
Audit Metadata