Back to skill

Security audit

Duckduckgo Search 1.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward DuckDuckGo search helper with disclosed setup and search examples, though users should review broad Python/package-install permissions.

Install it in an isolated environment if possible, consider pinning the duckduckgo-search package version, review any proposed Python/pip/uv command before running it, and do not search for credentials or sensitive private content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Context-Inappropriate Capability

Medium
Confidence
91% confidence
Finding
The skill grants Bash(pip:*), Bash(uv:*), and Bash(python:*), which exceeds a narrowly scoped web-search capability and enables arbitrary package installation and script execution. In an agent setting, this broad tool access can be abused to fetch and run untrusted code or expand the environment far beyond simple search, increasing the attack surface.

Context-Inappropriate Capability

Low
Confidence
78% confidence
Finding
The documentation includes a pattern for writing search results to local JSON files, which is not necessary for a search-only skill and introduces persistence of external content on disk. While not inherently malicious, this can create unnecessary data retention, overwrite risks, or downstream misuse if agents save sensitive queries or untrusted content locally.

VirusTotal

55/55 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.