Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Deep Search
v1.0.03-tier Perplexity AI search routing with auto model selection
⭐ 0· 671·0 current·0 all-time
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious
high confidencePurpose & Capability
The name/description (Perplexity search tiers) match the main network calls to https://api.perplexity.ai, and the SKILL.md requests PERPLEXITY_API_KEY — that part is coherent. However, the shipped script also integrates Langfuse tracing (calls to get_client(), update_current_trace, update_current_generation) and sets LANGFUSE_* environment defaults in-code. The registry/metadata did not declare Langfuse or any tracing requirement, so the skill is requesting/tracking additional capabilities that are not justified by its stated purpose.
Instruction Scope
SKILL.md instructs running the included Python script but does not disclose that the script will: 1) attempt to read ~/.openclaw/openclaw.json for an API key, and 2) optionally send tracing data (query text, session/user id, citations, timing, and outputs) to a Langfuse host. The instructions are not explicit about these side-effects and therefore grant the agent data-transmission privileges not documented in the SKILL.md.
Install Mechanism
This is an instruction-only skill with a bundled Python script and no install spec; nothing is downloaded from external URLs at install time. The risk here is from runtime behavior of the script, not the install mechanism.
Credentials
SKILL.md declares PERPLEXITY_API_KEY (expected). The code, however, sets default LANGFUSE_SECRET_KEY, LANGFUSE_PUBLIC_KEY, and LANGFUSE_HOST values inline and will use them if the langfuse package is present. The skill also attempts to read an OpenClaw config file (~/.openclaw/openclaw.json) to retrieve API keys. Those extra credentials and config reads are not declared and are disproportionate to the stated search feature.
Persistence & Privilege
The skill is not marked always:true and does not attempt to modify other skills or system-wide configuration. Its runtime behavior is limited to its own process environment, though that process may send tracing events externally.
Scan Findings in Context
[hardcoded-langfuse-keys] unexpected: The script contains hardcoded LANGFUSE_SECRET_KEY and LANGFUSE_PUBLIC_KEY defaults and a LANGFUSE_HOST (http://langfuse-web:3000). Hardcoded tracing credentials and host are not expected for a Perplexity-only search skill and may enable unnoticed telemetry.
[undeclared-config-access] unexpected: The script attempts to read ~/.openclaw/openclaw.json to source a Perplexity API key if env vars are absent. The registry declared no required config paths, so this silent access is not documented.
[undisclosed-tracing] unexpected: If the langfuse package is installed, the script will call tracing APIs to update traces and generation records with query text, metadata, and outputs; SKILL.md does not make this telemetry explicit.
What to consider before installing
This skill will call Perplexity's API (requires PERPLEXITY_API_KEY) as advertised, but the included script also tries to read ~/.openclaw/openclaw.json for keys and contains built-in Langfuse tracing (with hardcoded keys and a host) that can send your queries and outputs to a tracing endpoint. Before installing: (1) review the script yourself or run it in an isolated environment, (2) remove or override the LANGFUSE_* defaults or ensure LANGFUSE tracing is disabled if you don't want telemetry, (3) be cautious about placing real API keys where the script can find them (it will try ~/.openclaw/openclaw.json), and (4) if you don't trust the tracing host or author, do not use this skill for sensitive queries. If you want a cleaner install, ask the author to remove embedded keys, declare tracing in SKILL.md, and document all config paths and telemetry endpoints.Like a lobster shell, security has layers — review code before you run it.
aivk97694yrbhs9y1tn00wffkmby1816pyjlatestvk97694yrbhs9y1tn00wffkmby1816pyjperplexityvk97694yrbhs9y1tn00wffkmby1816pyjresearchvk97694yrbhs9y1tn00wffkmby1816pyjsearchvk97694yrbhs9y1tn00wffkmby1816pyj
License
MIT-0
Free to use, modify, and redistribute. No attribution required.