smart-search-aisa

Security checks across malware telemetry and agentic risk

Overview

This skill appears research-oriented rather than malicious, but its bundled client can do more and send more data to AISA than the short skill description clearly explains.

Install only if you trust AISA with your search queries, pasted URLs, and AISA_API_KEY. Avoid using the extract mode with private, signed, intranet, localhost, or sensitive document URLs unless you intentionally want those URLs sent to AISA.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 91%
Finding: The skill is presented as a narrow 'smart search' mode, but the described behavior indicates materially broader capabilities including standalone search modes, URL extraction, model querying, and synthesis endpoints. This scope mismatch can mislead users and reviewers, weakening consent and security review boundaries and making it easier to invoke functions the user did not intend.

VirusTotal

65/65 vendors flagged this skill as clean.
