Kagi

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Kagi search and FastGPT helper that uses a user-provided Kagi API token and does not show hidden or persistent behavior.

Install this only if you are comfortable sending search queries and FastGPT prompts to Kagi and using a Kagi API token from your environment. Avoid putting secrets, personal data, or regulated information in queries, and expect API usage to consume Kagi quota.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Low

Confidence: 94% confidence
Finding: The skill explicitly instructs users to export a Kagi API token and send search queries/questions to Kagi’s external API, but it does not warn that user prompts and potentially sensitive research terms will be transmitted to a third party. This is a real privacy and data-handling issue because users may assume searches stay local or are only handled by the host agent environment.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal