ClawHub

Search Intelligence Skill

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed search and OSINT tool, but it includes ready-made workflows for finding exposed secrets, admin panels, personal data, and piracy-oriented file sources without strong guardrails.

Install only if you intend to use it for authorized research. Use a trusted self-hosted SearXNG instance, avoid sending confidential targets or personal identifiers to third-party search backends, disable or avoid piracy-oriented engines, and restrict security/OSINT searches to domains or people you are authorized to investigate.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (15)

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The example code explicitly showcases offensive-security and reconnaissance workflows such as finding exposed .env files and admin panels. Even though this is only example usage, it documents and normalizes dual-use behavior that goes beyond generic search and can enable unauthorized target discovery or misuse by downstream users.

Context-Inappropriate Capability

Medium
Confidence
95% confidence
Finding
The direct dork example searches GitHub for API keys in .env files, which is a classic secrets-discovery technique associated with credential harvesting. Presenting this as a supported example materially increases misuse risk by giving users a ready-made query for locating exposed credentials.

Context-Inappropriate Capability

Medium
Confidence
90% confidence
Finding
Using the query suggestion feature to generate searches for SQL injection vulnerabilities advertises the tool as useful for vulnerability discovery. In context, this broadens the skill from search assistance into offensive security enablement, which can facilitate unauthorized testing against targets.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
The configuration explicitly includes torrent and shadow-library sources such as Pirate Bay, 1337x, Z-Library, and Library Genesis under a generic search skill. In the context of an AI-powered search agent, this broadens the skill into facilitating access to likely infringing or illicit content, which is outside a normal general-search purpose and increases misuse risk.

Context-Inappropriate Capability

High
Confidence
97% confidence
Finding
The file intent routing prioritizes piracy-oriented engines for file discovery, meaning ordinary file searches may be steered directly toward torrent and shadow-library sources. That creates a concrete misuse path where the agent operationally assists acquisition of unauthorized content rather than merely exposing a neutral engine list.

Context-Inappropriate Capability

High
Confidence
99% confidence
Finding
These security dork templates are purpose-built to find exposed .env files, private keys, admin panels, API docs, backup files, and other sensitive assets on target domains. In an agent skill, this materially enables reconnaissance and credential discovery against third parties, lowering the barrier for offensive abuse even if framed as security research.

Context-Inappropriate Capability

Medium
Confidence
89% confidence
Finding
The OSINT templates directly support discovery of people, emails, phone numbers, usernames, profiles, and company/person linkages. In a general AI search skill, these templates can facilitate doxxing, stalking, or privacy-invasive profiling by turning broad search into structured personal-data discovery workflows.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The README encourages security and OSINT-style searches and shows use against potentially sensitive targets, but it does not clearly warn that user queries are sent to a configured SearXNG server. In an agent setting, this can expose sensitive investigative terms, targets, or internal prompts to an external service or its logs, creating privacy, confidentiality, and operational-security risks.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill advertises OSINT, security research, and people-lookup use cases without prominently warning that search terms, targets, emails, phone numbers, and other investigated data will be sent to the configured SearXNG server and then to upstream engines via SearXNG. This creates a privacy and data-handling risk, especially for sensitive investigations, because users may unknowingly disclose personal or confidential targets to third parties.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The examples submit sensitive queries, including target domains and an email address, to a configured SearXNG instance without any warning that this data will be transmitted to an external service. This can expose personal data, investigative intent, or sensitive target information to logs, operators, or intermediaries if the backend is remote or improperly secured.

Missing User Warnings

Medium
Confidence
85% confidence
Finding
The OSINT branch explicitly boosts search results containing terms like "email", "phone", "linkedin", "profile", and "bio", which steers ranking toward personal-data-bearing content. In a search-intelligence skill that supports OSINT use cases, this increases the likelihood of surfacing personal information without any built-in consent checks, purpose limitation, or user-facing warning, making privacy-invasive use easier.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The client defaults to base_url='http://localhost:8888', so search queries are sent in cleartext unless the caller explicitly overrides it. Even though localhost reduces exposure in many deployments, this skill is a search-intelligence tool that may handle sensitive reconnaissance queries, and configurations are often changed from local to remote SearXNG instances without revisiting transport security, creating a realistic confidentiality risk.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
This file packages sensitive security and OSINT query templates without any embedded indication of consent requirements, authorized-use boundaries, or abuse-prevention controls. In practice, that omission makes dangerous capabilities easier to invoke silently through an agent, especially for exposed credentials and personal-data searches.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The main search interface transmits user-provided natural-language queries, which may include sensitive targets, identifiers, or reconnaissance dorks, to an external SearXNG service without any explicit disclosure, confirmation step, or safety boundary in the interface. In an agent context, this can cause unintended data egress and operational exposure, especially if the configured SearXNG instance is remote, logged, or controlled by a third party.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The direct dork execution path forwards raw user-supplied dork queries to the backend search service with no warning, validation, or confirmation. Because dorks often encode sensitive reconnaissance intent and target-specific data, this creates a clearer and higher-risk data-leakage channel than ordinary search, particularly when used by autonomous agents.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal