bocha-web-search-whalecloud

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Bocha/Whalecloud search skill that uses an API key to send user search queries to a third-party search provider.

Install only if you are comfortable providing a Whalecloud token and sending your search terms to the Whalecloud/Bocha search service. Avoid confidential search queries unless that provider relationship is acceptable, and use a scoped or dedicated token if available.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (2)

Lp3

Severity: Medium
Category: MCP Least Privilege
Confidence: 84%
Finding: The skill requires access to an environment secret and performs networked API calls, but it does not declare explicit permissions beyond metadata-style env requirements. This creates a governance gap: reviewers and enforcement systems may not clearly understand that the skill can read a credential and send data off-box, increasing the risk of unintended secret exposure or unreviewed external transmission.

Vague Triggers

Severity: Medium
Confidence: 79%
Finding: The trigger conditions are very broad, covering generic search, fact-checking, citations, AI summarization, and many common information requests. Overbroad activation can cause this skill to run in situations where users did not specifically request this provider, leading to unnecessary transmission of prompts or sensitive queries to a third-party search API.

VirusTotal

66/66 vendors flagged this skill as clean.