baidu baike search
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a straightforward Baidu Baike lookup skill, with the main caveat that it requires and sends a Baidu API key even though the registry metadata does not declare a credential requirement.
This skill appears purpose-aligned for Baidu Baike searches. Before installing, be aware that it requires a BAIDU_API_KEY and sends lookup requests to Baidu using that key, even though the registry metadata does not list a credential requirement.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
59/59 vendors flagged this skill as clean.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
You must provide a Baidu API key, and searches will be made through that authenticated key.
The script requires a Baidu API key and transmits it as an Authorization bearer token to the Baidu API. This is expected for the stated API integration, but users should notice it because the registry metadata declares no required environment variables or primary credential.
if [ -z "$BAIDU_API_KEY" ]; then ... -H "Authorization: Bearer $BAIDU_API_KEY"
Only install if you are comfortable using a Baidu API key for this purpose; use a limited key if available, and the skill metadata should declare BAIDU_API_KEY explicitly.