Back to skill

Security audit

Google Research Pro

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed Google search helper, but it asks the agent to bypass Google bot detection, run an unreviewed local Python script, and forward results to Telegram.

Review before installing. Only use this after inspecting or replacing the referenced bot.py with code you trust, confirming the Telegram destination before each send, using a dedicated low-privilege bot token, and avoiding sensitive queries or Google account credentials.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (1)

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill sends collected search results to an external Telegram destination, but the description does not clearly warn users up front that their query-derived content leaves the local environment. This creates a data exfiltration and privacy risk, especially if users search for sensitive internal terms, credentials, incident details, or proprietary project names without realizing the output is forwarded to a third party.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.