Security audit

Smart Search Fallback

Security checks across malware telemetry and agentic risk

Overview

This is a coherent web-search fallback skill, but its helper script can put raw search text into executable Python and should be reviewed before installation.

Install only if you are comfortable with web-search queries and URLs leaving your environment through multiple providers. Avoid using it with secrets, private repository URLs, internal hostnames, customer data, or sensitive personal information. The fallback-search helper should be fixed to URL-encode and safely pass the query into Python before relying on it in automated workflows.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

High

Confidence: 96% confidence
Finding: The trigger text is extremely broad, effectively claiming any scenario requiring networked information retrieval. This can cause the skill to be invoked for unrelated tasks and may route sensitive user prompts or URLs to external services without a narrow purpose boundary or explicit consent.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The skill coordinates multiple external providers, crawlers, and remote browsing tools, but the description does not clearly warn that user queries and visited URLs may be transmitted to third parties. This creates a privacy and data-handling risk, especially when automatic fallback silently changes providers.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal