Security audit
jina-deepsearch
Security checks across malware telemetry and agentic risk
Overview
This skill is a documentation-only guide for calling Jina DeepSearch through AIHubMix with the user's own API key, and no hidden code, persistence, or unrelated behavior was found.
Install only if you are comfortable using an AIHubMix API key and sending your search prompts to AIHubMix/Jina. Prefer a limited-purpose key, monitor quota or billing, and avoid including secrets or sensitive private data in search queries.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.