Duckduckgo Search Backup

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed DuckDuckGo search helper with some setup and dependency-installation risk, but no evidence of hidden, destructive, or unrelated behavior.

Install only if you are comfortable letting the agent use Python and package managers for this search workflow. Consider pinning or reviewing the duckduckgo-search dependency, and avoid putting secrets or sensitive private information into search queries.

SkillSpector

By NVIDIA

Vulnerability Patterns

Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Description-Behavior Mismatch

Medium

Confidence: 89% confidence
Finding: The skill is scoped as a web-search capability, but the documentation also instructs users to install packages and write search results to local files. This broadens the operational surface beyond search into environment modification and persistence, which can normalize unnecessary side effects and increase the chance an agent performs unsafe local actions under the guise of a simple search task.

Context-Inappropriate Capability

Medium

Confidence: 95% confidence
Finding: The allowed tools include pip and uv package-management access even though the declared purpose is only to perform DuckDuckGo searches. Granting install capabilities violates least privilege and can be abused to fetch and execute arbitrary code or alter the local environment, especially if an agent decides dependencies are 'missing' and self-installs them.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal