tavily
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: Performs network requests to api.tavily.com to fetch search results. This is the primary intended function and targets a well-known AI search service.
- [COMMAND_EXECUTION]: Utilizes curl commands to interact with the external API. The command structure is predefined and uses environment variables for authentication.
- [PROMPT_INJECTION]: Presents an indirect prompt injection surface.
  1. Ingestion points: Retrieves untrusted web content via the Tavily Search API.
  2. Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore potential commands embedded in search results.
  3. Capability inventory: Includes shell command execution via curl and potential integration with other storage or communication tools like Notion or Slack.
  4. Sanitization: Absent; no explicit sanitization or filtering of the retrieved web content is performed before use.