Trust Assessment
tavily received a trust score of 85/100, placing it in the Mostly Trusted category. This skill has passed most security checks with only minor considerations noted.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. Key findings include Potential Command Injection via `curl` examples with user-controlled input.
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on June 1, 2026 (commit 9b0e00ad). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings1
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| HIGH | Potential Command Injection via `curl` examples with user-controlled input The skill documentation provides `curl` command examples that include placeholders for user-controlled input (e.g., `<query>`, `urls`, `url`, `instructions`). If an AI agent's implementation of this skill directly constructs and executes these `curl` commands using shell execution (e.g., `subprocess.run(..., shell=True)` in Python) without proper sanitization or escaping of user input, it could lead to command injection. An attacker could craft malicious input to execute arbitrary shell commands on the host system. The agent's runtime should avoid direct shell execution of `curl` commands with user-controlled input. Instead, it should use a robust HTTP client library (e.g., `requests` in Python, `fetch` in JavaScript) to make API calls, passing parameters as structured data (e.g., JSON objects) rather than interpolating them into shell strings. If shell execution is absolutely necessary, all user-provided input must be rigorously sanitized and escaped to prevent command injection. | Static | SKILL.md:40 |
Scan History
Embed Code
[](https://skillshield.io/report/afbe72dd04b47697)
Powered by SkillShield