Search Web - CN

Security checks across malware telemetry and agentic risk

Overview

This skill provides the advertised web search function by sending user-entered questions to Volcengine and printing the results.

Install only if you are comfortable sending search questions to Volcengine/feedcoopapi using your API credentials. Use a dedicated key if possible, monitor provider usage or billing, and do not include secrets, private source code, internal URLs, personal data, or regulated information in search prompts unless external sharing is approved.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (3)

Missing User Warnings

Medium
Confidence: 92%
Finding
The README instructs users to send prompts through a third-party Volcengine search/Q&A API and to configure an API key, but it does not clearly warn that user queries and possibly sensitive development context will be transmitted off-box to an external provider. In an AI coding-tool skill context, users may paste proprietary code, credentials, or internal data into prompts, so the omission creates a real privacy and data-handling risk even though it is a documentation issue rather than an active exploit.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill asks for an API key and bot ID for a third-party service, and its purpose is to perform web search question answering, but it does not clearly warn that user prompts and possibly contextual data will be transmitted to Volcengine's external API. This can lead to unintended disclosure of sensitive prompts, code, or internal context to a third party, especially in AI tooling where users may assume local-only processing.

Missing User Warnings

Medium
Confidence: 90%
Finding
The script transmits the user's question, bot ID, and API credential to an external service without any explicit user-facing consent or warning at runtime. In an agent-skill context, users may assume local processing and unintentionally send sensitive prompts or internal data to a third party, creating privacy and compliance risks.

VirusTotal

66/66 vendors flagged this skill as clean.
