Back to skill

Security audit

yula-web-search

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed web-search helper, but its broad activation and unsafe shell/Python examples need review before use.

Install only if you are comfortable with user queries and selected pages being sent to public search engines and websites. Do not use the provided query-encoding shell snippets as-is with untrusted text; pass query text as an argument or stdin instead of interpolating it into python3 -c.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

High
Confidence
97% confidence
Finding
The manifest advertises extremely broad trigger phrases such as 'search', 'look up', 'find latest', and 'check the web', which are common in ordinary conversation. In an agent environment this can cause the skill to activate unexpectedly and initiate outbound web requests and content retrieval without sufficiently explicit user intent, increasing the chance of unintended data disclosure or network access.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill description emphasizes convenience and 'just works' behavior but does not clearly warn that user queries will be transmitted to third-party search engines and that content from external websites will be fetched and processed. This reduces informed consent and can expose sensitive prompts, internal URLs, or user interests to external services.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.