company-search

The skill is classified as suspicious due to the inherent shell injection vulnerability (RCE risk) when the AI agent uses `bash` or `run_python` to execute `search_fetch.py` as a fallback. While `search_fetch.py` uses `argparse` internally, the `SKILL.md` instructions for invoking it via a shell tool (`python search_fetch.py search "query"`) mean that if the agent fails to sanitize user-controlled input before passing it to the shell, arbitrary commands could be executed. Additionally, `search_fetch.py` performs network requests to arbitrary URLs, including via third-party proxies (`r.jina.ai`, `archive.org`), which, despite being disclosed in `SKILL.md` and `search_fetch.py`, introduces data flow and potential SSRF risks if the agent's environment is not properly sandboxed.