Baidu Search Node

Security checks across malware telemetry and agentic risk

Overview

This Baidu search skill is mostly a normal web-search scraper, but its documented integration can let a crafted search query run unintended shell commands locally.

Install only if you are comfortable sending search terms to Baidu. Do not copy the execSync wrapper as written; use execFile or spawn with an argument array, validate the result count, and avoid entering secrets, credentials, or confidential project details as search queries.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (1)

Missing User Warnings

Medium

Confidence: 93% confidence
Finding: The skill description emphasizes that it works without an API key but does not clearly disclose that user queries are transmitted to Baidu by scraping live search-result pages. This can mislead users and downstream agents about privacy, compliance, and network egress implications, causing sensitive prompts or internal data to be sent to a third party without informed consent.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal