zpw-mianfei-web
Pass. Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: zpw-mianfei-web
Version: 1.0.2

The skill is classified as suspicious because of a critical shell injection vulnerability in SKILL.md: the user-provided search query is interpolated directly into a bash command string without sanitization. The hardcoded private IP address (192.168.199.100) suggests a local search service, but the missing input validation lets anyone who can influence the search query execute arbitrary commands on the host running the agent.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or malformed search query could cause the agent to run unintended local shell commands instead of only performing a search.
The search query is taken from the user and inserted directly into a shell command. The artifact does not require URL encoding or safe argument construction, and the {{query}} placeholder sits inside a single-quoted string, so a query containing a single quote closes that string and any shell metacharacters that follow it (for example ; or $( )) become part of the command the agent runs.
Quoted from SKILL.md (translated from Chinese):
1. Extract the search keyword ...
2. Run the command: curl -s 'http://192.168.199.100:8080/search?q={{query}}\&format=json'
Do not install unless the command is changed to use a safe HTTP client/tool call with proper URL encoding and no shell interpolation of raw user input.
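The following is an added example written for this review, not code from the skill or from ClawScan. It rebuilds the quoted curl command the way SKILL.md does and tokenizes it as a POSIX shell would, so the break-out caused by a constructed hostile query (and the parse failure caused by a harmless apostrophe) is visible without running anything. Next to it is the hardened construction the recommendation asks for: percent-encode the query and pass curl an argv list, with no shell in between. The endpoint is the one quoted above; the hostile query, the function names and the benign sample queries are assumptions for illustration. The stray backslash before & in the quoted command is dropped here, since inside single quotes bash would pass it to the server literally.

```python
"""Vulnerable vs. hardened construction of the search request quoted above."""
import shlex
from urllib.parse import parse_qs, quote, urlencode, urlsplit

# Endpoint exactly as quoted from SKILL.md in the finding above.
SEARCH_ENDPOINT = "http://192.168.199.100:8080/search"

# Constructed hostile query (not from the page): it closes the single-quoted
# string, runs a second command, then re-opens a quote so the line still parses.
HOSTILE_QUERY = "'; id; echo '"


def build_vulnerable_command(query: str) -> str:
    """Mirror the SKILL.md pattern: the raw query is interpolated into a bash
    string. Anything that closes the quote is parsed as shell syntax."""
    return f"curl -s '{SEARCH_ENDPOINT}?q={query}&format=json'"


def shell_words(command: str) -> list[str]:
    """Tokenise a command line the way a POSIX shell would, so ';' shows up as
    its own token. Raises ValueError on an unbalanced quote, as the shell
    would reject the line."""
    lexer = shlex.shlex(command, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True
    return list(lexer)


def injected_commands(query: str) -> list[str]:
    """First word of every command the shell would run *after* curl.
    An honest query yields [], the hostile query yields ['id', 'echo']."""
    words = shell_words(build_vulnerable_command(query))
    return [words[i + 1] for i, w in enumerate(words) if w == ";" and i + 1 < len(words)]


def vulnerable_command_parses(query: str) -> bool:
    """Even a harmless apostrophe (e.g. O'Reilly) leaves an unclosed quote,
    so the vulnerable command fails to parse at all."""
    try:
        shell_words(build_vulnerable_command(query))
        return True
    except ValueError:
        return False


def build_safe_argv(query: str) -> list[str]:
    """Hardened form: percent-encode the query and hand curl an argv list.
    Pass this to subprocess.run(argv) (never shell=True): no shell ever sees
    the user's text, and it reaches the service as a single parameter."""
    url = SEARCH_ENDPOINT + "?" + urlencode({"q": query, "format": "json"}, quote_via=quote)
    return ["curl", "-s", url]


def query_round_trips(query: str) -> bool:
    """What the service decodes from the hardened URL equals the input."""
    url = build_safe_argv(query)[2]
    return parse_qs(urlsplit(url).query)["q"] == [query]


if __name__ == "__main__":
    print("vulnerable command :", build_vulnerable_command(HOSTILE_QUERY))
    print("shell would also run:", injected_commands(HOSTILE_QUERY))
    print("hardened argv      :", build_safe_argv(HOSTILE_QUERY))
    # Only if you trust the host at SEARCH_ENDPOINT:
    # subprocess.run(build_safe_argv("openclaw skills"), check=True)
```

The tokenization is a static model of the shell, not an execution of it; the point is that the same query which the hardened form delivers intact as q=%27%3B%20id%3B%20echo%20%27 turns into two extra commands (id and echo) when it is interpolated into the quoted string.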
Your search terms would be sent over unencrypted HTTP to whatever host is reachable at 192.168.199.100:8080 on your network, which may not be the intended search service.
The skill relies on a hardcoded private-network HTTP service, but the artifacts provide no homepage, source, install spec, or configuration guidance explaining who operates that service or how the user should verify it.
Quoted from SKILL.md:
curl -s 'http://192.168.199.100:8080/search?q={{query}}\&format=json'
Only use this if you control or trust the service at that address; prefer a configurable, documented endpoint over a hardcoded private IP.
