baidu search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Baidu web-search skill that uses a declared API key and sends user searches to Baidu, with no evidence of hidden or destructive behavior.

Install only if you are comfortable sending search terms to Baidu's AI Search API. Keep BAIDU_API_KEY secret, prefer environment or managed secret storage when available, and protect ~/.openclaw/openclaw.json if you store the key there.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
95% confidence
Finding
The skill metadata indicates use of an environment variable and outbound network access, but the skill does not explicitly declare permissions for those capabilities. This weakens user awareness and permission governance, making it easier for a skill to access secrets and transmit data externally without clear disclosure or policy enforcement.

Missing User Warnings

Medium
Confidence
98% confidence
Finding
The skill describes web search functionality but does not clearly warn users that their queries are sent to Baidu's external API. Users may unknowingly submit sensitive prompts, internal terms, or proprietary information to a third party, creating privacy and data-handling risks.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The guide tells users to place a live API key directly into a persistent local JSON configuration file and provides no warning about treating the value as a secret, restricting file permissions, or avoiding commits and logs. This increases the chance of credential disclosure through backups, source control, shared machines, or overly permissive filesystem access.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends the user-provided search query directly to Baidu's external API, which is a real data-exposure risk because queries may contain sensitive prompts, identifiers, or proprietary research terms. In a search skill this transmission is functionally expected, but the lack of explicit notice, consent handling, or filtering means users and upstream callers may unknowingly disclose sensitive data to a third party.

VirusTotal

No VirusTotal findings