v1.0.0

Live Search

Benign
ClawScan verdict for this skill. Analyzed May 1, 2026, 8:17 AM.

Analysis

The skill appears to be a coherent live-web-search helper, but it uses the host’s logged-in local search gateway and displays returned web content verbatim.

Guidance: This skill is reasonable for getting fresh public web results. Before installing, understand that it can call the host’s local search gateway, may use your active host session for search access, and will display returned web snippets and links verbatim. Avoid sensitive search terms and treat result text as external web content.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low | Confidence: High | Status: Note
SKILL.md
The assistant MUST show `message` verbatim as the primary results.

The skill deliberately displays returned search-result content without rewriting it. That supports the live-search purpose, but the returned web snippets and links should be treated as untrusted content.

User impact: Search results may include misleading snippets, unsafe links, or text that looks like instructions, even though it comes from the web rather than the assistant.
Recommendation: Treat the verbatim result block as external search content, and do not follow instructions embedded in snippets or pages unless you independently trust them.

Tool Misuse and Exploitation
Severity: Low | Confidence: Medium | Status: Note
SKILL.md
curl -s -X POST http://localhost:$PORT/proxy/prosearch/search ... -d '{"keyword":"your search query"}'

The skill’s normal workflow uses a shell curl command with a query derived from the user. This is expected for an instruction-only live-search skill, but the artifact does not spell out shell/JSON escaping guidance.

User impact: Oddly formatted or hostile search text could be mishandled if pasted into a shell command without proper escaping.
Recommendation: Use safe JSON construction or careful quoting when forming the curl request, especially for queries containing quotes, backticks, or shell metacharacters.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
SKILL.md
requires: bins: - curl ... FROM_TIME=$(python3 -c "import time; print(int(time.time()) - 604800)")

The skill declares curl as the required binary but includes helper examples that call python3. This is an under-declared helper dependency, not evidence of malicious behavior.

User impact: Freshness-filter examples may fail or require an undeclared local Python interpreter.
Recommendation: Declare python3 as an optional helper requirement or replace those examples with a method that only uses declared tools.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Fetch live web results through the host search gateway at `http://localhost:$PORT` (session-authenticated).

The search endpoint is accessed through the host app’s authenticated local gateway. This is disclosed and purpose-aligned, with no evidence of token logging or unrelated account access.

User impact: Searches may be performed under the user’s active host-app session rather than with a separate API key.
Recommendation: Install only if you are comfortable with the assistant using the host app’s search access for live web queries.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
SKILL.md
Real-time answers from the public web via the host app’s local search gateway (Auth Gateway proxy).

The skill routes live-search queries through a local gateway that may be backed by host-configured search services. This is disclosed and central to the skill’s purpose.

User impact: Search terms can leave the chat context through the host search gateway, so private or sensitive terms may be exposed to that configured search path.
Recommendation: Avoid putting secrets, private identifiers, or confidential business details into live-search queries unless that is acceptable for your host environment.