Cn Web Search Custom

Security checks across malware telemetry and agentic risk

Overview

This is a search-instruction skill that sends user search terms to public search engines, with no executable code or local access.

Install only if you are comfortable with your search terms being sent to the listed public search engines. Avoid using it for secrets, credentials, private project names, personal data, sensitive business topics, or confidential investment research.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 92% confidence
Finding: The example trigger phrase is broad enough to resemble normal user conversation, which can cause the skill to activate unintentionally when a user is making a generic search request. In an agent environment, this raises the chance of misrouting queries to this skill without clear user intent, potentially causing unexpected web scraping, disclosure of query content to third-party sites, or tool invocation beyond what the user anticipated.

Missing User Warnings

Medium

Confidence: 89% confidence
Finding: The skill explicitly encourages sending arbitrary user queries to many third-party search engines via web scraping, but it does not disclose the privacy and data-handling implications. This can expose sensitive prompts, research topics, or proprietary terms to external sites and may also create compliance and tracking risks, especially because multiple engines are queried for the same request.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal