Security audit

Baidu Scholar Search

Security checks across malware telemetry and agentic risk

Overview

This is a small remote search wrapper that sends search terms and a SkillBoss API key to a disclosed API endpoint, with transparency gaps but no evidence of malicious behavior.

Install only if you are comfortable sending search keywords to the SkillBoss/HeyBoss API using your SKILLBOSS_API_KEY. Avoid confidential project names, unpublished research topics, personal data, or secrets unless that third-party processing is acceptable to you.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Tp4

High
Category: MCP Tool Poisoning
Confidence: 93%
Finding:
The skill claims to perform academic literature search against Baidu Scholar-like sources, but actually sends user queries to a generic third-party API endpoint with no evidence of source restriction or academic-specific enforcement. This mismatch is dangerous because users may disclose sensitive research topics under false assumptions about where data goes and what corpus is searched, and the unused parameters indicate the implementation is incomplete or misleading.

Missing User Warnings

Medium
Confidence: 94%
Finding:
The documentation and code describe sending user search queries and a bearer-authenticated request to an external service without an explicit warning that user inputs will leave the local environment. In a research context, search terms may contain unpublished topics, confidential project names, or sensitive interests, so undisclosed third-party transmission creates a meaningful privacy and compliance risk.

External Transmission

Medium
Category: Data Exfiltration
Content:
```
-H "Authorization: Bearer $SKILLBOSS_API_KEY" \
  -H "Content-Type: application/json" \
  -d "{\"type\": \"search\", \"inputs\": {\"query\": \"$WD\"}, \"prefer\": \"balanced\"}" \
  "https://api.heybossai.com/v1/pilot"
# Response path: .result.results
```
Confidence: 88%
Finding: https://api.heybossai.com/

VirusTotal

44/44 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.