Trust Assessment
tavily received a trust score of 90/100, placing it in the Trusted category. This skill has passed all critical security checks and demonstrates strong security practices.
SkillShield's automated analysis identified 1 finding: 0 critical, 1 high, 0 medium, and 0 low severity. The finding is a potential command injection via unsanitized user input in `curl` commands.
The analysis covered 4 layers: dependency_graph, manifest_analysis, llm_behavioral_safety, static_code_analysis. All layers scored 70 or above, reflecting consistent security practices.
Last analyzed on February 11, 2026 (commit 326f2466). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Security Findings
| Severity | Finding | Layer | Location |
|---|---|---|---|
| HIGH | Potential Command Injection via unsanitized user input in `curl` commands. The skill documentation provides `curl` examples that use placeholders for user-controlled input (e.g., `query`, `url`, `input`). If an agent implements this skill by directly interpolating untrusted user input into these `curl` commands without proper sanitization or escaping, it could lead to command injection. A malicious user could craft input that includes shell metacharacters (e.g., `;`, `\|`, `&`) to execute arbitrary commands on the host system where the `curl` command is run. This risk is inherent when an agent is instructed to construct and execute shell commands based on dynamic input. Implement robust input sanitization and escaping for all user-controlled parameters before constructing and executing `curl` commands. Prefer using a dedicated HTTP client library in the agent's programming language that handles JSON serialization and request building securely, rather than directly constructing shell commands with string concatenation. If shell execution is unavoidable, ensure all user-provided strings are properly escaped for the shell context to prevent injection of arbitrary commands. | Unknown | SKILL.md:30 |