External Transmission
Medium
- Category
- Data Exfiltration
- Content
```json { "url": "https://api.qwryai.com/mcp", "headers": { "Authorization": "Bearer ${QWRYAI_API_KEY}" }- Confidence
- 79% confidence
- Finding
- https://api.qwryai.com/
QwryAI
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a disclosed read-only connector to QwryAI, with the main risk being normal handling of a sensitive API key and workspace data access.
Install only if you trust QwryAI and the chosen agent with read-only access to the selected workspace data. Keep QWRYAI_API_KEY in a private environment variable or secret manager, avoid committing MCP config files containing tokens, and leave endpoint settings pointed at the official QwryAI HTTPS host unless you deliberately control the alternative endpoint.
Publisher note
Read-only QwryAI remote MCP skill. Requires network access only to https://api.qwryai.com. QwryAI validates paid workspace access on every request and this skill stores no secrets.
SkillSpector (2)
By NVIDIA
External Transmission
Medium
- Category
- Data Exfiltration
- Content
{ "mcpServers": { "qwryai": { "url": "https://api.qwryai.com/mcp", "headers": { "Authorization": "Bearer ${QWRYAI_API_KEY}" }- Confidence
- 79% confidence
- Finding
- https://api.qwryai.com/
Static analysis
No static analysis findings were reported for this release.
VirusTotal
63/63 vendors flagged this skill as clean.