ClawHub

Web Search

PassAudited by VirusTotal on May 12, 2026.

Overview

Type: OpenClaw Skill Name: web-search Version: 1.0.0 The skill provides web search functionality using the legitimate `duckduckgo-search` library. The `SKILL.md` documentation is clear and does not contain any prompt injection attempts or instructions for malicious behavior. The `scripts/search.py` code is well-structured and primarily interacts with the DuckDuckGo API. However, the script includes a `--output` argument that allows writing search results to an arbitrary file path specified by the user. While this is a documented and plausible feature for saving results, it represents a file write capability that, if misused by a compromised or maliciously prompted agent, could lead to writing data to sensitive system locations. This constitutes a risky capability without clear malicious intent, classifying it as suspicious.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

NoteHigh Confidence
ASI04: Agentic Supply Chain Vulnerabilities
What this means

Installing the skill may require trusting the current PyPI release of duckduckgo-search and its dependencies.

Why it was flagged

The skill relies on a third-party PyPI package installed without a version pin or lockfile. This is central to the stated search function, but it creates a normal supply-chain dependency users should recognize.

Skill content
pip install duckduckgo-search
Recommendation

Install from a trusted Python environment and consider pinning or reviewing the package version for controlled or production use.

NoteHigh Confidence
ASI07: Insecure Inter-Agent Communication
What this means

Search terms may reveal interests, research topics, or sensitive subjects to the external search service or network path.

Why it was flagged

The script passes the user's query to the DuckDuckGo search client. This is expected for a web search tool, but it means search terms are shared with an external provider.

Skill content
results = list(ddgs.text(
                    keywords=query,
                    region=self.region,
                    safesearch=self.safe_search,
Recommendation

Avoid using confidential secrets, private personal data, or sensitive internal information as search queries unless sharing them with the external search provider is acceptable.