Back to skill

Security audit

Cn Web Search 2.0.0

Security checks across malware telemetry and agentic risk

Overview

This is a search helper that sends user queries to public search providers, which matches its stated purpose but carries normal search privacy risk.

Install only if you are comfortable with your search terms being sent to external search providers such as Baidu, Bing, Brave, DuckDuckGo, Reddit, and finance or knowledge sites. Do not use it for passwords, secrets, private company data, or sensitive personal queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The example trigger phrase is very broad and resembles normal conversational input, which increases the chance that the skill activates unintentionally during unrelated user requests. In an agent environment, accidental invocation can redirect queries to external search behavior and change how user input is handled without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill routes user search terms directly to many third-party search engines and APIs, but it does not warn users that their queries will be transmitted externally. Search queries often contain sensitive topics, identifiers, or proprietary terms, so omission of this disclosure can cause unintended privacy leakage and compliance issues.

External Transmission

Medium
Category
Data Exfiltration
Content
### 7.1 DDG Instant Answer API 🆕

```
https://api.duckduckgo.com/?q=QUERY&format=json&no_html=1
```

返回 JSON 格式的即时答案(定义、摘要、相关主题),适合快速获取事实性信息。
Confidence
89% confidence
Finding
https://api.duckduckgo.com/

External Transmission

Medium
Category
Data Exfiltration
Content
web_fetch(url="https://www.jisilu.cn/explore/?keyword=可转债", extractMode="text", maxChars=8000)

# 即时答案(JSON)
web_fetch(url="https://api.duckduckgo.com/?q=Python&format=json&no_html=1", extractMode="text", maxChars=5000)
```

---
Confidence
88% confidence
Finding
https://api.duckduckgo.com/

VirusTotal

61/61 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.