Security audit
Kagi
Security checks across malware telemetry and agentic risk
Overview
This skill is a straightforward Kagi search/FastGPT helper that uses a user-provided Kagi API token and does not show hidden, persistent, or destructive behavior.
Install this only if you are comfortable sending search queries and FastGPT prompts to Kagi using your Kagi API token. Avoid putting secrets, personal data, or regulated information into queries, and expect API usage to consume Kagi quota.
SkillSpector
By NVIDIA
Vulnerability Patterns
- Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
- Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
- Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
- Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
- Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
VirusTotal
64/64 vendors flagged this skill as clean.
Static analysis
No suspicious patterns detected.
