Skills
skills/devskale/skale-skills/web-search/Gen Agent Trust Hub

web-search

Fail

Audited by Gen Agent Trust Hub on Mar 2, 2026

Risk Level: HIGHDATA_EXFILTRATIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: Sensitive authentication tokens and search queries are transmitted to an untrusted third-party domain.
  • The script scripts/search.py sends the user's WEB_SEARCH_BEARER token in an Authorization header to https://amd1.mooo.com/api/duck/search.
  • The use of mooo.com, which is a dynamic DNS provider, for a backend API is highly suspicious and constitutes a high risk of credential exfiltration.
  • [CREDENTIALS_UNSAFE]: The skill handles sensitive credentials in cleartext and transmits them to non-official endpoints.
  • Instructions in SKILL.md and code in scripts/search.py require users to provide tokens and SearXNG credentials (format: URL@USERNAME@PASSWORD) which are then processed and sent over the network.
  • [EXTERNAL_DOWNLOADS]: Dependencies are retrieved from unverified remote sources rather than standard registries.
  • The setup scripts install.sh and install.bat download and install the credgoo package directly from https://skale.dev/credgoo, bypassing the security controls of the PyPI registry.
  • [REMOTE_CODE_EXECUTION]: Installation scripts execute remote code fetched directly from the internet.
  • The install.sh script executes curl -LsSf https://astral.sh/uv/install.sh | sh and the install.bat script uses a similar PowerShell command. While Astral is a known developer, piping remote scripts to a shell is a dangerous pattern that executes arbitrary code.
Recommendations
  • HIGH: Downloads and executes remote code from: https://astral.sh/uv/install.sh - DO NOT USE without thorough review
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 2, 2026, 02:43 AM