Security audit

baidu-scholar-search

Security checks across malware telemetry and agentic risk

Overview

This skill is a disclosed academic-search wrapper that sends user search terms to SkillBoss, with no hidden persistence or destructive behavior found.

Install only if you are comfortable sending search terms and a SkillBoss API key to SkillBoss rather than directly querying Baidu Scholar. Use a limited, revocable API key if possible, and avoid sensitive unpublished research terms unless that data sharing is acceptable.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The markdown and workflow describe sending user-provided search queries to an external API without a clear privacy or data-sharing warning. Users may reasonably believe they are querying Baidu Scholar directly, when in fact their inputs are transmitted to SkillBoss, which creates undisclosed third-party exposure of potentially sensitive research topics.

Missing User Warnings

Medium

Confidence: 91% confidence
Finding: The script transmits the user-supplied search query to an external third-party endpoint without any visible disclosure, consent flow, or data-handling notice. In an academic search context, queries may contain sensitive research topics, unpublished ideas, or personal data, so undisclosed transmission creates a privacy and trust risk.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.