Security audit

Prismfy Web Search | Free Google

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Prismfy web-search skill that sends search and quota requests to Prismfy as expected for its purpose.

Install this only if you want Prismfy to be OpenClaw's default web search path. Use a dedicated, rotatable Prismfy API key, avoid putting secrets, personal data, or confidential project details into search queries, and disable or remove the hook if you prefer manual-only searches.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (4)

Vague Triggers

Medium

Confidence: 78% confidence
Finding: The natural-language trigger examples are very broad and resemble ordinary conversation, increasing the chance the skill is invoked when a user did not intend to use this external search provider. That can lead to unintentional transmission of user queries to Prismfy and surprising shell execution through the helper script.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The documentation promotes the skill as default web search but does not clearly warn users that their queries are sent to a third-party service, Prismfy. This creates a privacy and data-handling risk, especially when users may include sensitive prompts, internal project names, or proprietary troubleshooting details in search requests.

Missing User Warnings

Medium

Confidence: 95% confidence
Finding: The hook strongly encourages routine web searching and makes Prismfy the default search tool, but it does not warn that user queries may be transmitted to Prismfy and potentially onward to third-party search providers. This can expose sensitive prompts, internal project names, credentials pasted by mistake, or other confidential context to external services without informed user consent.

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The script sends user queries and account/quota data to Prismfy's remote API, but it does not provide an explicit runtime warning or consent prompt before transmitting potentially sensitive search terms. In an agent skill context, users may assume a local helper is operating transparently, so silent exfiltration of search content and account metadata to a third party creates a real privacy and data-handling risk even if this is the skill's intended functionality.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.