Web Search Hub

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward DuckDuckGo web-search helper with disclosed network searches and optional saved results, without evidence of hidden data access or persistence.

Install dependencies only from trusted sources, preferably in a virtual environment. Use the output option only with intended file paths to avoid overwriting files, and treat returned web links and snippets as untrusted information that may need verification.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Context-Inappropriate Capability

Medium (93% confidence)
Finding
The script exposes arbitrary local file write via the user-controlled --output path, allowing search results to be written anywhere the executing user has permission. For a skill whose stated purpose is only to perform web searches, this exceeds the minimum required capability and can be abused to overwrite local files, drop misleading content, or interfere with other agent state if untrusted input can influence the path.

Vague Triggers

Medium (75% confidence)
Finding
The trigger language is very broad and includes common phrases like 'find information about' or 'look up,' which can cause the skill to activate for many routine requests. In an agent environment, unintended invocation can lead to unnecessary external searches, unexpected network access, and unplanned file creation if downstream options are used, expanding the skill’s effective attack surface.

VirusTotal

64/64 vendors flagged this skill as clean.
