Back to skill

Security audit

Perplexity Sonar

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Perplexity/AIsa search skill that sends the user's chosen query to documented external API endpoints using an AISA API key.

Install only if you are comfortable sending selected search queries and optional system instructions to AIsa/Perplexity-backed services. Avoid including secrets, personal data, regulated content, or confidential business material unless your policy allows external processing, and keep the AISA_API_KEY scoped and rotated normally.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill declares required environment variables and instructs use of networked clients/curl, but does not declare explicit permissions for those capabilities. That creates a governance gap: operators may not realize the skill can access secrets and transmit user prompts or other data to an external service. In a skill that is specifically designed to call a third-party API, this omission is not inherently malicious, but it weakens review and consent controls.

External Transmission

Medium
Category
Data Exfiltration
Content
--system "Respond in markdown with an executive summary first."
```

## Curl Examples

### Sonar
Confidence
93% confidence
Finding
Curl Examples ### Sonar ```bash curl -X POST "https://api.aisa.one/apis/v1/perplexity/sonar" \ -H "Authorization: Bearer $AISA_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "model

External Transmission

Medium
Category
Data Exfiltration
Content
### Sonar

```bash
curl -X POST "https://api.aisa.one/apis/v1/perplexity/sonar" \
  -H "Authorization: Bearer $AISA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
https://api.aisa.one/

External Transmission

Medium
Category
Data Exfiltration
Content
### Sonar Pro

```bash
curl -X POST "https://api.aisa.one/apis/v1/perplexity/sonar-pro" \
  -H "Authorization: Bearer $AISA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
https://api.aisa.one/

External Transmission

Medium
Category
Data Exfiltration
Content
### Sonar Reasoning Pro

```bash
curl -X POST "https://api.aisa.one/apis/v1/perplexity/sonar-reasoning-pro" \
  -H "Authorization: Bearer $AISA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
95% confidence
Finding
https://api.aisa.one/

External Transmission

Medium
Category
Data Exfiltration
Content
### Sonar Deep Research

```bash
curl -X POST "https://api.aisa.one/apis/v1/perplexity/sonar-deep-research" \
  -H "Authorization: Bearer $AISA_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
Confidence
96% confidence
Finding
https://api.aisa.one/

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal

Static analysis

No suspicious patterns detected.