bookmark

Security checks across malware telemetry and agentic risk

Overview

This is a read-only bookmark search skill with a disclosed option to query a different source URL if the user explicitly chooses one.

Install this if you are comfortable with a local Node script making read-only requests to Shuqianlan. Use the default source unless you intentionally trust another public URL, and do not point the base URL override at internal or sensitive services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence: 95%
Finding
The script allows the outbound request destination to be fully controlled via BOOKMARK_BASE_URL or the --base-url argument, and then uses that value for multiple fetch() calls. In an agent or automation context, this can be abused for SSRF-like behavior, unintended connections to internal services, or silent exfiltration of user queries and browsing targets to attacker-controlled hosts, especially because the fetched content is trusted enough to influence output links and text.

VirusTotal

66/66 vendors flagged this skill as clean.
