Baidu Ecommerce Search

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Baidu shopping integration that can use an account token, address data, and order workflows, so it is acceptable but should be used carefully for purchases.

Install only if you trust this Baidu ecommerce integration and are comfortable giving it a token tied to shopping actions. Before any order creation, verify the product, SKU, price, shipping address, and account, and avoid providing unnecessary personal address or phone information.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (5)

Missing User Warnings

Medium
Confidence: 86%
Finding
The README advertises live order creation, address management, and other state-changing commerce operations without clearly warning that these actions can place real orders or modify user account data. In an agent/tooling context, unclear disclosure increases the risk of accidental purchases or unintended account changes when the skill is invoked by users or automation.

Missing User Warnings

Medium
Confidence: 90%
Finding
The README exposes address recognition and address management features that process personal data such as names, phone numbers, and street addresses, but it does not include any privacy notice, data-handling expectations, or consent guidance. In a skill that may be used through agents, this makes accidental collection, transmission, or storage of sensitive personal information more likely.

Missing User Warnings

Medium
Confidence: 93%
Finding
The skill handles sensitive personal data for commerce workflows, including recipient names, phone numbers, and shipping addresses, but does not provide an explicit privacy notice, consent language, retention statement, or safe-handling guidance. In a purchasing context this increases the risk of users disclosing personal data without understanding how it will be transmitted, stored, or reused by the service.

Missing User Warnings

Medium
Confidence: 96%
Finding
The code appends the authentication token as a query parameter (`params["key"]`) and then builds the full URL before issuing the request. Tokens in URLs are commonly exposed through logs, reverse proxies, browser/history artifacts, monitoring systems, and error telemetry, so even over HTTPS this increases credential leakage risk.

Missing User Warnings

Medium
Confidence: 88%
Finding
The create command triggers a state-changing action that appears to place an order immediately via `request_api("order_create", ...)`, but this file provides no explicit confirmation, secondary approval step, or user-facing warning before submission. In an agent skill context, this increases the risk of unintended purchases: ambiguous prompts, prompt injection, or mis-bound parameters can cause real-world transactions.

VirusTotal

65/65 vendors flagged this skill as clean.