ClawHub

Openclaw Multi Search Engine

v1.0.0

Multi search engine integration with 17 engines (8 CN + 9 Global). Supports advanced search operators, time filters, site search, privacy engines, and Wolfra...

1· 1.4k·14 current·18 all-time
by@djttt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description match the contents: SKILL.md and config.json list 17 search engines and show URL templates. No unrelated credentials, binaries, or installs are requested. The resources requested are proportionate to a search-URL aggregator.
Instruction Scope
Runtime instructions only show calls like web_fetch({url: ...}) to public search engine URLs. The instructions do not ask the agent to read local files, environment variables, or to transmit data to unexpected endpoints. Note: queries are sent to third-party search providers (expected for this skill).
Install Mechanism
There is no install spec and no code to write to disk (instruction-only). This is the lowest-risk install model and aligns with the skill's purpose.
Credentials
The skill requires no environment variables, credentials, or config paths. That is appropriate given the stated 'no API keys required' behavior.
Persistence & Privilege
always is false and the skill does not request elevated or persistent platform privileges. Autonomous invocation (model invocation enabled) is the platform default and is not excessive here.
Assessment
This skill appears coherent and low-risk: it builds search-engine URLs and asks the agent to fetch them. Before installing, keep in mind: (1) any query you send will be transmitted to the listed third-party search providers — do not include secrets, passwords, or sensitive data in queries; (2) automated fetching may trigger rate-limiting or blocks by those providers; (3) some small metadata inconsistencies exist (references/advanced-search.md is mentioned but not present; multiple _meta files with different slugs/owner IDs), which look like documentation/versioning sloppiness rather than a security issue. If you need the skill to avoid sending sensitive input, or to use an API keyed provider under your control, consider modifying instructions or adding safeguards (input sanitization, explicit warnings, or limiting which engines are queried).

Like a lobster shell, security has layers — review code before you run it.

latestvk978qptsc297tpqzpv4nj9net1830tzj

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments