
Security audit

WebSearchAPI

Security checks across malware telemetry and agentic risk

Overview

This is a coherent SearchAPI search tool, but it ships with an embedded API key and sends searches to an external provider with limited privacy disclosure.

Review before installing. Replace or remove the bundled SearchAPI key: whoever owns that key receives the query logs and the bill for every search the agent makes, so confirm which account that is before the tool is used. Avoid sending secrets, private prompts, personal data, or confidential business terms through this tool, since every query leaves the local environment. Also check the default language and region settings if you need neutral or non-China-localized results.
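A pre-install check that looks for the three things the review above asks you to verify (a key literal bundled in the code, the external host queries are sent to, and language/region defaults the user never opted into). This is an added example written for this page; it is not the skill's own code and not SkillSpector. The sample README and script, the key value, the endpoint host and the regex patterns are all constructed assumptions, and the patterns are generic starting points rather than a signature for any real key format.

```python
"""Static pre-install check for a bundled search skill (constructed example).

Scans the files of a skill bundle for:
  * API-key-like names assigned a long string literal (a bundled key),
  * URLs pointing at hosts other than localhost (where queries go),
  * hl/gl/language/region parameters given a fixed default (locale bias).
File names, contents, the key value and the host below are all made up.
"""
import re
from urllib.parse import urlparse

# Constructed sample bundle: path -> file text. Not the real skill's files.
SAMPLE_SKILL = {
    "README.md": (
        "# WebSearchAPI\n"
        "Set SEARCHAPI_API_KEY to your key, or use the bundled default.\n"
        "Default language is zh-CN and region is cn.\n"
    ),
    "search.py": (
        "import os, requests\n"
        'API_KEY = os.environ.get("SEARCHAPI_API_KEY", "EXAMPLEKEY00000000000000000000")\n'
        'ENDPOINT = "https://api.search.example/v1/search"\n'
        'def search(q, hl="zh-CN", gl="cn"):\n'
        '    return requests.get(ENDPOINT, params={"q": q, "hl": hl, "gl": gl, "api_key": API_KEY})\n'
    ),
}

# name = "literal" or name = os.environ.get("VAR", "literal"); literal >= 16 chars.
KEY_ASSIGN = re.compile(
    r'(?P<name>[A-Za-z_]*(?:api[_-]?key|token|secret)[A-Za-z_]*)\s*[=:]\s*'
    r'(?:os\.environ\.get\([^,]+,\s*)?["\'](?P<value>[^"\']{16,})["\']',
    re.IGNORECASE,
)
# Values that are obviously placeholders rather than real credentials.
PLACEHOLDER = re.compile(r'^(<.*>|\$\{.*\}|.*your.*)$', re.IGNORECASE)
URL = re.compile(r'https?://[^\s"\'<>)]+')
# hl="zh-CN", gl=cn, region: cn, language = en-US ...
LOCALE_DEFAULT = re.compile(
    r'\b(?P<param>hl|gl|language|region)\s*[=:]\s*["\']?'
    r'(?P<value>[A-Za-z]{2}(?:-[A-Za-z]{2})?)["\']?'
)


def find_hardcoded_keys(text):
    """Return (name, value) pairs for key-like names bound to a non-placeholder literal."""
    hits = []
    for m in KEY_ASSIGN.finditer(text):
        if not PLACEHOLDER.match(m.group("value")):
            hits.append((m.group("name"), m.group("value")))
    return hits


def find_external_hosts(text):
    """Return sorted hostnames of every non-local URL in the text."""
    hosts = set()
    for url in URL.findall(text):
        host = urlparse(url).hostname
        if host and host not in ("localhost", "127.0.0.1"):
            hosts.add(host)
    return sorted(hosts)


def find_locale_defaults(text):
    """Return {param: default} for locale parameters assigned a fixed value."""
    return {m.group("param"): m.group("value") for m in LOCALE_DEFAULT.finditer(text)}


def audit_skill(files):
    """Run all three checks over a {path: text} bundle; returns (kind, path, detail) tuples."""
    findings = []
    for path, text in files.items():
        for name, value in find_hardcoded_keys(text):
            # Only a prefix of the value is reported so the key is not copied into logs.
            findings.append(("hardcoded_key", path, f"{name} = {value[:6]}..."))
        for host in find_external_hosts(text):
            findings.append(("external_host", path, host))
        locale = find_locale_defaults(text)
        if locale:
            detail = ", ".join(f"{k}={v}" for k, v in sorted(locale.items()))
            findings.append(("locale_default", path, detail))
    return findings


if __name__ == "__main__":
    for kind, path, detail in audit_skill(SAMPLE_SKILL):
        print(f"{kind:15} {path:12} {detail}")
```

Running it against the constructed bundle reports one bundled key in search.py, one external host, and the zh-CN/cn defaults. To use it on a real skill, build the `files` dict from the unpacked bundle and treat any `hardcoded_key` hit as a blocker until the key is replaced with one from an account you control.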

SkillSpector (by NVIDIA)

Vulnerability patterns checked:
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (4)

Missing User Warnings

Severity: Medium (97% confidence)
The skill clearly routes user queries to external third-party services (SearchAPI and Google), but the description does not explicitly warn that query contents will leave the local environment. In an agent setting, users may submit sensitive prompts, internal names, or proprietary data, so the missing disclosure creates a real privacy and data-handling risk.

Missing User Warnings

Severity: Medium (95% confidence)
The README instructs users to configure an external SearchAPI key and use the tool for live search, but it does not disclose that search queries, language, and region parameters are transmitted to a third-party service. This creates a privacy and data-governance risk because agents may send sensitive prompts, identifiers, or user-derived context off-platform without operator awareness.

Natural-Language Policy Violations

Severity: Low (77% confidence)
The documentation sets default language and region to zh-CN and cn without documenting consent, rationale, or the privacy implications of forcing locale-specific routing. While not an exploit by itself, it can bias results, affect compliance expectations, and unintentionally disclose user geography or operational targeting when queries are sent to the external search provider.

Natural-Language Policy Violations

Severity: Medium (86% confidence)
The skill defaults all searches to zh-CN language and cn geolocation without explicit user opt-in, which can silently bias search results toward a specific jurisdiction and content ecosystem. In an agent context, this can cause privacy, policy, and integrity issues by misrepresenting results as general web information while actually constraining them to China-localized outputs.

VirusTotal

65/65 vendors flagged this skill as clean. A clean result means no vendor matched the files against known malware; it does not evaluate the bundled API key or the outbound query flow raised in the findings above, so those still need the manual review described in the overview.