Bocha Web Search

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Bocha search connector that sends search and reranking requests to Bocha using the user's API key, with no hidden persistence or unrelated local access found.

Install this only if you intend to use Bocha as an external search provider. Use a dedicated Bocha API key, avoid secrets or confidential material in queries and raw JSON payloads, and be aware that generic web or AI search requests may route through Bocha.

SkillSpector

By NVIDIA

Vulnerability Patterns

  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Vague Triggers

Medium (92% confidence)

Finding: The skill description uses very broad trigger phrases such as '联网搜索' (online search), 'AI 搜索' (AI search), '事实核查' (fact-checking), and '行业研报检索' (industry research report retrieval), which can match many ordinary user requests and cause the skill to be invoked more often than users expect. Because this skill sends user queries to an external Bocha API, over-broad routing increases the chance of unintended external data disclosure and unnecessary third-party processing.

Missing User Warnings

Medium (97% confidence)

Finding: The skill does not clearly warn that user queries and supplied parameters are transmitted to an external third-party search API. In a search skill, this omission is security-relevant because users may include sensitive prompts, internal project names, or confidential research topics without realizing that the data leaves the local agent environment.

VirusTotal

60/60 vendors flagged this skill as clean.
