ClawHub

duckduckgo-search-skills

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward DuckDuckGo search helper; the main caution is that search terms are sent to DuckDuckGo and results are untrusted web content.

Install only if you are comfortable sending search queries to DuckDuckGo. Do not search for secrets, credentials, private internal URLs, or personal data, and treat returned titles, snippets, and URLs as untrusted web content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill documentation describes network-based web search and optional content fetching, but the metadata declares only a binary requirement and no explicit permissions. In an agent ecosystem, missing permission declarations can bypass user or platform expectations and lead to unreviewed outbound requests involving user queries and visited URLs.

Vague Triggers

Medium
Confidence
88% confidence
Finding
The automatic trigger example is broad enough to match ordinary conversation, which can cause unintended skill invocation. In a networked search skill, accidental activation may leak user prompts or sensitive context to DuckDuckGo or fetched sites without clear user intent.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation does not clearly warn that search queries and optional content-fetch targets are transmitted to external services. This matters because users may enter sensitive data into search prompts, and enabling content fetching can contact third-party sites, exposing browsing intent and metadata.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
Hard-coding Accept-Language to zh-CN/zh leaks a user-irrelevant locale preference to DuckDuckGo and any intermediaries, which can increase fingerprintability and may surprise users expecting a privacy-focused search tool. In a search skill, outbound requests are expected, but silently forcing a specific locale undermines privacy and can alter results in a way the user did not request.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal