serpshot

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Serpshot search skill whose main risk is that search queries and an API key are used with an external search service.

Install only if you are comfortable letting the agent use your Serpshot API key for searches. Avoid sending secrets, private identifiers, or confidential business queries unless you are comfortable sharing them with Serpshot, and monitor credit usage.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium
Confidence: 92%
Finding: The trigger phrases are extremely broad (e.g. search/find/lookup/research/browse and common Chinese equivalents), which can cause the skill to activate for ordinary user requests that do not clearly imply consent to use an external third-party search provider. In this context, overbroad routing increases the chance that sensitive or private prompts are sent off-platform unintentionally.

Missing User Warnings

Medium
Confidence: 95%
Finding: The skill description and usage guidance do not clearly warn that user queries are transmitted to Serpshot, a third-party external service. Without a prominent disclosure, users may unknowingly share sensitive data, creating privacy and compliance risks.

VirusTotal

63/63 vendors flagged this skill as clean.
