GSearch - Free Google Search MCP
Security checks across malware telemetry and agentic risk
Overview
This appears to be a real Google search integration, but it needs review because its external package uses sensitive Google/Gemini authentication in ways the skill text does not fully explain.
Install only if you trust the @daanielcruz/gsearch-mcp package and are comfortable with Google/Gemini authentication being used for search. Prefer a dedicated Google account or explicit API key, review the OAuth consent flow, isolate or remove existing Gemini CLI credentials if you do not want them reused, and avoid sensitive search queries.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
62/62 vendors flagged this skill as clean.