aminer-data-search

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed AMiner academic-search skill that uses an AMiner API key and can make paid external API calls, with no hidden persistence or unrelated system access found.

Install this only if you want AMiner-backed academic search and are comfortable using an AMiner API key. Prefer setting AMINER_API_KEY in the environment rather than pasting a token into chat, avoid submitting confidential unpublished research or private personal data, and review paid/raw calls and cost summaries before approving them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The activation criteria are extremely broad and claim priority over nearly all academic or research-related queries. Overbroad routing can cause the agent to invoke a paid, networked skill for loosely related prompts, unnecessarily exposing user queries to a third party, increasing cost, and bypassing safer or narrower tools. The context makes this more concerning because the skill has token-based external API access and encourages precedence over general search.

Vague Triggers

Medium
Confidence
84% confidence
Finding
The eval prompt uses broad, natural-language phrasing such as general help requests that can overlap with ordinary user speech, which risks over-triggering this skill outside its intended scope. In a routing-sensitive academic data skill, ambiguous triggers can cause unnecessary use of paid APIs, incorrect tool selection, and unintended exposure of token-gated operations.

Vague Triggers

Medium
Confidence
81% confidence
Finding
These evals also rely on ambiguous everyday-language requests instead of narrowly scoped triggers, increasing the chance that the agent will activate the skill for loosely related queries. Because this skill can invoke numerous paid APIs and workflows, ambiguous activation raises the risk of unnecessary spending, privacy exposure around user tokens, and misrouting away from cheaper or safer alternatives.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The documentation instructs callers to send authenticated requests and user-supplied academic queries, names, institution identifiers, and other research metadata to a third-party API, but it does not disclose this data transfer or require user consent. In an agent skill context, this can cause silent external transmission of potentially sensitive user inputs and identifiers to AMiner, creating privacy, compliance, and trust risks.

External Transmission

Medium
Category
Data Exfiltration
Content
| doi | DOI |
| Total / total | Total count |

**curl Example (natural language Q&A):**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/paper/qa/search' \
```
Confidence
94% confidence
Finding
curl Example (natural language Q&A):** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/paper/qa/search' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'A

External Transmission

Medium
Category
Data Exfiltration
Content
| venue_id | Venue ID |
| year | Publication year |

**curl Example:**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/paper/info' \
```
Confidence
88% confidence
Finding
curl Example:** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/paper/info' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'Authorization: ${AMINER_API_K

External Transmission

Medium
Category
Data Exfiltration
Content
| n_citation | Citation count |
| total | Total count |

**curl Example:**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/person/search' \
```
Confidence
91% confidence
Finding
curl Example:** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/person/search' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'Authorization: ${AMINER_AP

External Transmission

Medium
Category
Data Exfiltration
Content
| org_name | Institution name |
| total | Total count |

**curl Example:**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/organization/search' \
```
Confidence
86% confidence
Finding
curl Example:** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/organization/search' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'Authorization: ${AMI

External Transmission

Medium
Category
Data Exfiltration
Content
| language | Language |
| total | Total count |

**curl Example:**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/organization/detail' \
```
Confidence
84% confidence
Finding
curl Example:** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/organization/detail' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'Authorization: ${AMI

External Transmission

Medium
Category
Data Exfiltration
Content
|--------|------|
| org_name | Normalized institution name |

**curl Example:**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/organization/na' \
```
Confidence
89% confidence
Finding
curl Example:** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/organization/na' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'Authorization: ${AMINER_

External Transmission

Medium
Category
Data Exfiltration
Content
| 二级ID | Secondary institution ID |
| Total / total | Total count |

**curl Example:**
```bash
curl -X POST \
  'https://datacenter.aminer.cn/gateway/open_platform/api/organization/na/pro' \
```
Confidence
90% confidence
Finding
curl Example:** ```bash curl -X POST \ 'https://datacenter.aminer.cn/gateway/open_platform/api/organization/na/pro' \ -H 'Content-Type: application/json;charset=utf-8' \ -H 'Authorization: ${AMI

VirusTotal

65/65 vendors flagged this skill as clean.
