Security audit

Scholar Search

Security checks across malware telemetry and agentic risk

Overview

This academic search skill is purpose-aligned, but users should be aware it can store a Semantic Scholar API key in a local .env file.

Install if you are comfortable using a Semantic Scholar API key with this tool. Prefer setting S2_API_KEY in your shell or secret manager; if you use the helper, know that it stores the key in scripts/.env and may overwrite an existing value. Keep that file out of version control and rotate the key if it is exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs the agent to write or overwrite a user-provided Semantic Scholar API key into scripts/.env without an explicit warning, consent flow, or storage-lifetime controls. Persisting credentials to disk creates a real secret-handling risk because other tools, users, logs, backups, or later sessions may access the key unintentionally.

Ssd 3

Medium
Confidence: 97%
Finding
The instructions require persisting a user-supplied API key into local environment storage, which creates a natural data retention and credential exposure risk. In this skill's context, the danger is increased because the key is treated as a routine setup step, making silent long-term storage more likely.

VirusTotal

66/66 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.