Security audit

Google News Api Skill

Security checks across malware telemetry and agentic risk

Overview

This appears to be a legitimate Google News/BrowserAct integration, but it needs review because it encourages broad automatic third-party use and unsafe API-key handling.

Install only if you are comfortable sending news search terms and task parameters to BrowserAct. Configure BROWSERACT_API_KEY through a secure environment variable or secret manager, do not paste the key into chat, and use the skill only for intentional third-party news collection.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium

Confidence: 89% confidence
Finding: The manifest instructs the agent to proactively apply the skill for a very broad set of common research, monitoring, and news-related tasks. This can cause over-invocation of a third-party-integrated skill, leading to unnecessary data disclosure, unintended API usage, and reduced user awareness that their query is being sent externally.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill description emphasizes functionality but does not clearly warn that user-provided search terms will be transmitted to BrowserAct, a third-party service. In a research and monitoring context, queries may contain sensitive corporate interests, names, investigations, or incident-related topics, so lack of disclosure creates a meaningful privacy and data-handling risk.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal