Back to skill

Security audit

Multi-Search Fallback

Security checks across malware telemetry and agentic risk

Overview

This is a transparent multi-source search helper, but users should treat search terms as shareable with multiple providers.

Install this if you want automatic fallback and cross-checking across search providers. Avoid using it for secrets, private internal topics, regulated data, or queries you would not want sent to multiple external search services.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (1)

Vague Triggers

High
Confidence
96% confidence
Finding
The trigger pattern is extremely broad (e.g. 搜索, 查, 研究, 验证, compare, sources), making the skill likely to activate on many ordinary user requests that merely mention searching, checking, or research. In an agent system, this can cause unintended routing, override more appropriate specialized skills, and systematically expand tool use to external search providers, increasing data exposure and reducing least-privilege behavior.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.