Docs Lookup
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This instruction-only skill is coherent and purpose-aligned, with the main consideration that search terms are sent to an external docs service and some endpoints are described as paid.
This skill appears safe to install for documentation lookup. Be aware that queries go to docs.agentutil.net, so keep searches generic and do not include secrets or confidential user/project details. Also check whether your environment allows paid x402 requests if you want to avoid per-query charges.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search text may leave the local agent and be processed by an external service.
The skill's core function depends on sending query text to docs.agentutil.net. This is disclosed and purpose-aligned, but users should avoid including sensitive project details in search terms.
This skill sends search queries (short text strings) to an external API.
Use generic documentation search terms when possible, and avoid including secrets, private code, customer data, or confidential implementation details in queries.
If the surrounding agent environment supports paid x402 requests, repeated use could incur small charges.
The documented query and lookup endpoints may be associated with per-use pricing. No payment credentials or automatic payment setup are shown, so this is a disclosure note rather than a security concern.
Paid tier: $0.003/query, $0.002/lookup via x402 protocol (USDC on Base)
Confirm whether paid requests are enabled in your environment and set usage limits or approval prompts if cost control matters.