baidu web search

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Baidu web search skill, with manageable risks around sending search queries to Baidu and protecting the Baidu API key.

Install only if you are comfortable sending search terms to Baidu and using a Baidu Qianfan API key. Keep the key in private platform secrets or a local config, avoid putting sensitive/private text into search queries, invoke the skill only when web lookup is intended, and consider pinning/updating dependencies with a lockfile in controlled environments.

SkillSpector

By NVIDIA

Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium, 93% confidence

Finding:
The top-level description includes broad phrases like `查一下`, `搜一下`, `最近`, `今天`, and `今年`, which are common in ordinary conversation and may trigger the skill when the user did not actually intend web access. Over-broad invocation can cause unnecessary external requests, unintended data disclosure in queries, and tool overuse in contexts where local reasoning would be safer or sufficient.

Vague Triggers

Medium, 95% confidence

Finding:
The `何时使用` section repeats ambiguous trigger phrases without strong boundaries, encouraging invocation on loosely related requests such as generic mentions of recency or verification. In practice, this raises the chance that user prompts containing sensitive terms or incidental phrases are sent to an external search API without a sufficiently explicit user choice.

VirusTotal

65/65 vendors flagged this skill as clean.
