Audit History
perplexity-search - 4 audits
Audit version 4
Latest SafeJan 17, 2026, 07:21 AM
This is a legitimate web search API client. Static scanner flagged 362 patterns as potential issues, but ALL are false positives. The skill performs standard API client operations: reading user-provided API keys from environment variables, making HTTPS requests to OpenRouter API, and saving search results. The credential access + network pattern is expected and legitimate for any authenticated API client. No data exfiltration, no unauthorized access, no malicious behavior.
Risk Factors
🔑 Env variables (3)
🌐 Network access (3)
📁 Filesystem access (2)
Audit version 3
SafeJan 17, 2026, 07:21 AM
This is a legitimate web search API client. Static scanner flagged 362 patterns as potential issues, but ALL are false positives. The skill performs standard API client operations: reading user-provided API keys from environment variables, making HTTPS requests to OpenRouter API, and saving search results. The credential access + network pattern is expected and legitimate for any authenticated API client. No data exfiltration, no unauthorized access, no malicious behavior.
Risk Factors
🔑 Env variables (3)
🌐 Network access (3)
📁 Filesystem access (2)
Audit version 2
Low RiskJan 12, 2026, 04:32 PM
The static analyzer generated many false positives. After manual review, this is a legitimate scientific research tool with standard API key management and network requests. No actual security vulnerabilities were found in the code.
Risk Factors
🌐 Network access (1)
🔑 Env variables (1)
📁 Filesystem access (1)
Audit version 1
Low RiskJan 4, 2026, 05:38 PM
The skill performs legitimate web search functionality using Perplexity AI models through OpenRouter. Code is straightforward, well-documented, and implements appropriate security practices. Only accesses necessary environment variables and makes documented API calls.