NanoGPT Web Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward NanoGPT web search helper that sends user-entered searches to the advertised external API, with no evidence of hidden, destructive, or persistent behavior.

Install only if you are comfortable sending search queries and selected search parameters to NanoGPT and its search providers. Do not include passwords, API keys, private customer data, regulated data, or confidential internal terms in queries unless that use is allowed by your data-handling policy.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
92% confidence
Finding
The skill declares environment requirements and explicitly depends on curl/python requests to perform outbound web requests, but it does not declare corresponding permissions. That creates a transparency and policy gap: hosts or users may invoke the skill without realizing it can access secrets from the environment and send data over the network/shell, increasing the chance of unintended data exposure or unsafe execution in permission-aware runtimes.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The documentation encourages users to submit arbitrary search queries but does not clearly warn that those queries are transmitted to NanoGPT and potentially onward to multiple third-party search providers. This omission can cause users or calling agents to send sensitive prompts, internal names, credentials, or proprietary research terms to external services without informed consent, which is a real privacy and data-governance risk in a web-search skill.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script sends the user's search query and optional filtering parameters to a third-party service, but it does not provide any explicit notice, confirmation, or redaction safeguards before transmission. This creates a real privacy and data-handling risk because users may unknowingly submit sensitive internal data, credentials, or proprietary terms to an external API.

External Transmission

Medium
Category
Data Exfiltration
Content
${MAX_RESULTS:+--max-results "$MAX_RESULTS"})

# Make request
RESPONSE=$(curl -s -X POST "$API_URL" \
    -H "Content-Type: application/json" \
    -H "x-api-key: $NANOGPT_API_KEY" \
    -d "$JSON_PAYLOAD")
Confidence
96% confidence
Finding
curl -s -X POST "$API_URL" \
    -H "Content-Type: application/json" \
    -H "x-api-key: $NANOGPT_API_KEY" \
    -d

VirusTotal

64/64 vendors flagged this skill as clean.
