Back to skill

Security audit

Local Rag Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a coherent web-search helper, with the main caveat that search queries may be sent to external search providers even though result processing is described as local.

Install only if you are comfortable configuring and trusting the separate mcp-local-rag server. Avoid putting secrets, credentials, private identifiers, or sensitive personal data into search queries, because external search providers may receive or log those queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README promotes web searching across DuckDuckGo, Google, Bing, Brave, Yahoo, Yandex, and other external engines, but it does not clearly warn that user queries will leave the local environment and be transmitted to third-party providers. This can mislead users because phrases like 'runs locally' and 'No external APIs' may create a false sense of privacy even though search terms themselves may contain sensitive data and are still disclosed externally.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill encourages use of DuckDuckGo, Google, and other web search backends but does not prominently warn up front that user queries will be transmitted to external providers. This can expose sensitive prompts, internal project details, or personal data if a user or agent uses the skill for confidential research, and the later privacy notes are not a sufficient explicit disclosure at the point of use.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.