serpapi

https://raw.githubusercontent.com/vm0-ai/vm0-skills/main/serpapi/SKILL.md

github.com/vm0-ai/vm0-skills

Scanned Thu, 28 May 2026 17:48:30 GMT

Scan ID crawl-goagainu6h2kwychksscr355 · 2ms

SCORE 0 / 100

Verdict: Do not install

12 critical findings.

This skill leaks data via URL parameters ($SERPAPI_TOKEN) plus 12 other issues listed below.

12 critical0 high1 medium-1 rules passed

Why grade F?

score · 0 / 100

The current grade reflects 12 critical findings (any 2+ CRITs → F).

12 CRIT0 HIGH1 MED0 LOW

To reach a higher grade

D
Reach Dtarget score 30
Resolve 11 of your 12 CRIT findings — any single CRIT still keeps you at D.
C
Reach Ctarget score 55
Resolve all 12 CRIT findings.
B
Reach Btarget score 75
Resolve all 12 CRIT.
A
Reach Atarget score 95
Resolve all 12 CRIT.

Thresholds are documented at /docs/grading. Source-of-truth is the grade() function in @skillox/scanner.

Findings · ordered by severity

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 22CWE-200

▾

21```bash

22curl -s "https://serpapi.com/search?engine=google&q=artificial+intelligence&api_key=$SERPAPI_TOKEN" | jq '.organic_results[:3] | .[] | {title, link, snippet}'← URL interpolates a credential into the query string

23```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 30CWE-200

▾

29```bash

30curl -s "https://serpapi.com/search?engine=google&q=best+coffee+shops&location=San+Francisco,+California&gl=us&hl=en&api_key=$SERPAPI_TOKEN" | jq '.organic_results[:3]'← URL interpolates a credential into the query string

31```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 43CWE-200

▾

42```bash

43curl -s "https://serpapi.com/search?engine=google_images&q=sunset+beach&api_key=$SERPAPI_TOKEN" | jq '.images_results[:3] | .[] | {title, original, thumbnail}'← URL interpolates a credential into the query string

44```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 51CWE-200

▾

50```bash

51curl -s "https://serpapi.com/search?engine=google_news&q=technology&api_key=$SERPAPI_TOKEN" | jq '.news_results[:3] | .[] | {title, link, source, date}'← URL interpolates a credential into the query string

52```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 59CWE-200

▾

58```bash

59curl -s "https://serpapi.com/search?engine=google_shopping&q=wireless+headphones&api_key=$SERPAPI_TOKEN" | jq '.shopping_results[:3] | .[] | {title, price, source}'← URL interpolates a credential into the query string

60```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 67CWE-200

▾

66```bash

67curl -s "https://serpapi.com/search?engine=youtube&search_query=python+tutorial&api_key=$SERPAPI_TOKEN" | jq '.video_results[:3] | .[] | {title, link, channel, views}'← URL interpolates a credential into the query string

68```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 75CWE-200

▾

74```bash

75curl -s "https://serpapi.com/search?engine=google_maps&q=restaurants&ll=@40.7128,-74.0060,15z&api_key=$SERPAPI_TOKEN" | jq '.local_results[:3] | .[] | {title, rating, address}'← URL interpolates a credential into the query string

76```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 81CWE-200

▾

80```bash

81curl -s "https://serpapi.com/search?engine=google_maps&q=3PL&location=Dallas-Fort+Worth,+Texas&z=14&api_key=$SERPAPI_TOKEN"← URL interpolates a credential into the query string

82```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 87CWE-200

▾

86```bash

87curl -s "https://serpapi.com/search?engine=google_maps&q=3PL&ll=@32.7767,-96.7970,14z&api_key=$SERPAPI_TOKEN" \← URL interpolates a credential into the query string

88 | jq 'if has("error") then .error else (.local_results[:5] | map({title,address,phone,website,link,type})) end'

89```

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 100CWE-200

▾

98```bash

99# First page (results 1-10)

100curl -s "https://serpapi.com/search?engine=google&q=machine+learning&start=0&api_key=$SERPAPI_TOKEN" | jq '.organic_results | length'← URL interpolates a credential into the query string

101

102# Second page (results 11-20)

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 103CWE-200

▾

101

102# Second page (results 11-20)

103curl -s "https://serpapi.com/search?engine=google&q=machine+learning&start=10&api_key=$SERPAPI_TOKEN" | jq '.organic_results | length'← URL interpolates a credential into the query string

104```

105

crit

URL embeds a credential variable

The skill builds a URL that interpolates a secret into the query string. If the agent makes this request, the credential leaves the trust boundary.

rule: url-exfiltrationline: 111CWE-200

▾

109

110```bash

111curl -s "https://serpapi.com/account?api_key=$SERPAPI_TOKEN" | jq '{plan_name, searches_per_month, this_month_usage}'← URL interpolates a credential into the query string

112```

113

med

No capability manifest declared

The skill ships without a `manifest.yaml` or `capabilities` block in its frontmatter. Without a manifest, the runtime cannot enforce what this skill is permitted to do.

rule: no-manifest

▾

Scan another →Share

skillox.io/r/crawl-goagainu6h2kwychksscr355