Security audit

Perplexity Agent

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Perplexity web-search helper that sends user search queries to Perplexity using a disclosed API key, with no hidden persistence or unrelated local access found.

Install only if you are comfortable sending search queries to Perplexity under your API account. Use a dedicated PERPLEXITY_API_KEY where possible, monitor quota or billing, and avoid submitting secrets, private documents, or sensitive personal data unless that disclosure is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
96% confidence
Finding
The skill explicitly instructs the agent to run a Python script that uses environment variables and makes outbound requests, yet the skill declares no permissions. This creates a transparency and policy gap: the host and user are not clearly informed that the skill can access secrets like `PERPLEXITY_API_KEY` and transmit user queries to an external service.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill tells the agent to send the user's query to the Perplexity Agent API but does not provide a user-facing warning that the prompt content leaves the local environment and is shared with a third party. This can lead to unintentional disclosure of sensitive user data, proprietary information, or internal prompts when users believe they are interacting only with a local skill.

Missing User Warnings

Medium
Confidence
84% confidence
Finding
The script sends the user-provided query to a third-party API, but the code contains no notice, consent mechanism, or minimization controls. In an agent setting, users may supply sensitive data in prompts, so silent transmission to an external provider creates a real privacy and data-handling risk even if it is core functionality.

VirusTotal

52/52 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.