botlearn-google-search

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only web search helper; its broad triggers may activate often, but the artifacts show no hidden execution, persistence, credential access, or data theft.

Reasonable to install for web-search assistance. Review the broad trigger phrases if you want tighter control over when it activates, and avoid putting passwords, private tokens, confidential business details, or highly sensitive personal information into search requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The trigger phrases are generic everyday language such as "google" and "find information," which makes accidental activation likely across many unrelated user requests. Broad triggers can cause the skill to take over conversations unexpectedly, leading to unintended web-search behavior, context leakage into external search flows, or interference with more appropriate skills.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
89% confidence
Finding
The trigger phrase 'search for' overlaps with a built-in search command, creating ambiguity about which capability will execute. This can cause the custom skill to intercept requests intended for trusted native functionality, leading to unexpected behavior, loss of user control, or abuse if the skill later adds unsafe logic.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
91% confidence
Finding
The trigger 'find information' is broad and conflicts semantically with the built-in 'find' behavior, so user requests may invoke this skill when they expected default platform functionality. Even without visible skill body content, trigger shadowing is itself a control-flow risk because it can redirect user intent to less trusted code paths.

Shadow Command Trigger

Medium
Category
Trigger Abuse
Confidence
90% confidence
Finding
The phrase 'find sources' also collides with the built-in 'find' command family and could capture queries about locating references or documents. In this context, the lack of skill content reduces evidence of malicious payloads, but the trigger design still makes the skill more dangerous because it can hijack routine discovery tasks through ambiguous activation.

VirusTotal

64/64 vendors flagged this skill as clean.
