Back to skill

Security audit

Kagi

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Kagi search/FastGPT helper that uses a user-provided Kagi API token and does not show hidden, persistent, or destructive behavior.

Install this only if you are comfortable sending search queries and FastGPT prompts to Kagi using your Kagi API token. Avoid putting secrets, personal data, or regulated information into queries, and expect API usage to consume Kagi quota.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.