ClawHub

Perplexity Sonar Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Perplexity/AIsa search helper that sends requested search prompts to an external API when invoked.

Install this only if you trust the AIsa/Perplexity service and are comfortable sending search prompts, optional system instructions, and authenticated requests to that provider. Use a revocable API key where possible, and avoid putting secrets, private documents, or sensitive personal data in prompts unless you intend to share that data with the service.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill explicitly requires an environment secret (`AISA_API_KEY`) and performs outbound network calls, but it does not declare permissions in a way that would let a host enforce or review those capabilities up front. That mismatch weakens transparency and policy enforcement, increasing the chance that sensitive prompts or data are sent externally without clear operator awareness.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The client sends user-provided query text and optional system instructions directly to a third-party API, but the code provides no explicit notice, consent flow, or redaction step before transmission. In a skill context, prompts may contain sensitive user data, secrets, internal instructions, or regulated information, so silent outbound transmission creates a real privacy and data-handling risk even if it is the expected functional behavior of the tool.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal