ClawHub

OpenWebSearch

v1.0.1

Single entry skill for open-websearch setup and focused live retrieval, preferring local CLI/daemon paths while remaining compatible with workspace-exposed M...

1· 52·0 current·0 all-time
byAasee@aas-ee
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name/description (open-websearch setup and focused retrieval) aligns with the instructions: detect local CLI/daemon or MCP-exposed tools, prefer the smallest path, validate availability, and perform focused searches/fetches. The allowed tools (search, fetchWebContent, fetchGithubReadme) are appropriate for the stated purpose.
Instruction Scope
SKILL.md contains concrete runtime actions (checking for a local command, running explicit daemon commands like `open-websearch serve` and `open-websearch status`, and guidance for Playwright/browser installation). These are within scope for configuring/using a local websearch agent, and the skill explicitly requires user confirmation before package installs, daemon startup, or config edits. The guidance references environment variables (e.g., PLAYWRIGHT_* and FETCH_WEB_INSECURE_TLS) as configuration knobs but does not instruct blind reading/exfiltration of unrelated system files or secrets.
Install Mechanism
There is no install spec and no code files — this is instruction-only. The document only suggests possible npm installs (e.g., Playwright) but requires confirmation before doing so; no downloads or arbitrary URLs are embedded in the skill itself.
Credentials
The skill declares no required environment variables, credentials, or config paths. It references optional runtime/config env variables as configuration points (for Playwright or TLS fallback), which is proportionate to the stated functionality and only used as guidance rather than mandatory secrets access.
Persistence & Privilege
always:false and default autonomy settings are used. The skill does not request permanent or elevated platform privileges, does not modify other skills' configs, and instructs the agent to prompt before starting daemons or changing workspace/client config.
Assessment
This skill is an instruction-only helper and appears coherent with its stated purpose. It does not demand credentials or install code by itself. Before you proceed, be aware it may ask you to: (a) run local commands like `open-websearch serve`/`status`, (b) allow package installs (e.g., Playwright via npm) or start a local daemon, and (c) provide proxy or endpoint details. Only approve installs or long-running daemon startups if you trust the local package sources and understand network/proxy implications. If you are uncomfortable granting those actions, deny or review each confirmation the skill requests. If you want extra assurance, verify available local binaries and any repository checkouts yourself rather than letting the agent perform installs.

Like a lobster shell, security has layers — review code before you run it.

latestvk97a96azvcx2vwp3k9mdr4fzv1849n8d

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments