ragret-search

Security checks across malware telemetry and agentic risk

Overview

This instruction-only skill is a disclosed helper for querying a RAGret knowledge-base service, with a minor caution around confirming the server URL before use.

Install only if you intend your agent to query a RAGret service. Before using it, confirm the RAGret base URL and use a least-privilege API key scoped to the indexes you want searched; avoid sending sensitive queries to any service you do not control or trust.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill instructs the agent to default to `http://127.0.0.1:8765` when the base URL is unclear, which can trigger an unsolicited network request and send the user's query to a service the user did not explicitly choose. Even though the target is localhost, it may expose sensitive prompts or data to a locally running service, forwarded port, containerized app, or internal proxy, and the skill does not require a clear user-facing warning before transmission.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal