Felo Search

PassAudited by ClawScan on May 1, 2026.

Overview

The skill is a coherent Felo web-search connector, but it uses a Felo API key and sends search queries to Felo via Bash/curl.

This looks acceptable for a Felo web-search integration. Before installing, make sure you are comfortable configuring a Felo API key and sending search queries to Felo, and avoid using it for sensitive or confidential information.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Low

#ASI02: Tool Misuse and Exploitation

What this means

The agent may run Bash/curl locally when using this skill to perform searches.

Why it was flagged

The skill asks the agent to run local shell commands to create a request file and call the Felo API. This is expected for the stated web-search purpose, but users should notice that it relies on command execution rather than a scoped built-in connector.

Skill content

When this skill is triggered, execute the following steps using the Bash tool ... curl -s -X POST https://openapi.felo.ai/v2/chat

Recommendation

Use it only in an environment where local Bash/curl execution is acceptable, and ensure user queries are encoded safely before being placed into the JSON request.

Low

#ASI03: Identity and Privilege Abuse

What this means

Anyone or any process with access to the configured environment variable could potentially use the Felo API key.

Why it was flagged

The skill requires a Felo API key and uses it as a bearer token for requests. This is purpose-aligned for a Felo integration, but it is still delegated account access.

Skill content

Set the `FELO_API_KEY` environment variable ... -H "Authorization: Bearer $FELO_API_KEY"

Recommendation

Use a dedicated, revocable API key, avoid pasting it into chat, and rotate or remove it if the skill is no longer needed.

Low

#ASI07: Insecure Inter-Agent Communication

What this means

Private or sensitive details included in a search query may be transmitted to Felo.

Why it was flagged

The documented data flow sends the user's search query to an external Felo API endpoint. This is disclosed and central to the skill, but it means query content is shared with a third-party provider.

Skill content

Extract the user's query and call the Felo API ... curl -s -X POST https://openapi.felo.ai/v2/chat ... -d @/tmp/felo_query.json

Recommendation

Avoid using the skill for confidential personal, business, or credential-related queries unless sharing that information with Felo is acceptable.