Gemini Web Search

Suspicious. Audited by ClawScan on May 10, 2026.

Overview

The skill is mostly aligned with its stated purpose, web search, but its helper script interpolates the search text into a shell command string, so crafted search text can execute local commands, and it relies on a pre-existing Gemini login whose owner and scope are not defined.

Install only if you are comfortable running Gemini CLI under your own verified account. Before using the helper script, fix its shell-command construction (or do not use the script at all), because crafted search text can currently execute local commands.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Concern (High Confidence)
ASI05: Unexpected Code Execution
What this means

A search query or copied text containing shell metacharacters could run unintended commands on the local machine.

Why it was flagged

The prompt is interpolated into a command string that `script -c` hands to a shell for parsing. Escaping only double quotes leaves the rest of shell syntax intact, so command substitutions such as `$(...)` or backticks inside the prompt are executed before Gemini ever sees the text.

Skill content
script -q -c "${GEMINI_BIN} -p \"${PROMPT//\"/\\\"}\"" /dev/null
Recommendation

Do not pass user-controlled prompts through `sh -c`/`script -c`; invoke Gemini with argument arrays or a pseudo-TTY wrapper that does not use shell parsing, and require review before running local commands.
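The following script is an added example written for this review; it is not part of the audited skill. It reproduces the flagged construction against a constructed stand-in for the `gemini` binary (a tiny script that prints each argument it receives), using `sh -c` to model the shell re-parse that `script -c` performs, and then shows two constructions that keep a hostile prompt as a single literal argument. The `sed` call in `run_vulnerable` does the same double-quote escaping as the skill's bash-only `${PROMPT//\"/\\\"}` so the example runs under plain `sh`; `shell_quote`, `run_hardened` and `run_direct` are this review's own helpers.

```shell
#!/bin/sh
# Added example for the ASI05 finding: reproduce the injection, then show safe forms.
set -eu

# Constructed stand-in for the Gemini CLI (not the real binary): prints each
# argv entry on its own line so we can see what the prompt became by the time
# it reached the tool.
DEMO_DIR=$(mktemp -d)
trap 'rm -rf "$DEMO_DIR"' EXIT
GEMINI_BIN="$DEMO_DIR/gemini"
cat > "$GEMINI_BIN" <<'EOF'
#!/bin/sh
printf '%s\n' "$@"
EOF
chmod +x "$GEMINI_BIN"

# The skill's construction. Only double quotes are backslash-escaped (same
# effect as bash's ${PROMPT//\"/\\\"}); the finished string is then handed to
# a shell, which is what `script -c` does with $SHELL -c. Anything inside the
# double quotes that the shell treats specially, such as $(...) or backticks,
# is evaluated on the local machine.
run_vulnerable() {
    escaped=$(printf '%s' "$1" | sed 's/"/\\"/g')
    sh -c "${GEMINI_BIN} -p \"${escaped}\""
}

# POSIX single-quote wrapping: inside '...' nothing is special except the
# quote itself, which is rewritten as '\'' so the text survives a re-parse as
# exactly one argv entry regardless of its contents.
shell_quote() {
    printf "'%s'" "$(printf '%s' "$1" | sed "s/'/'\\\\''/g")"
}

# Hardened: quote every word before building the -c string. The same $cmd can
# be passed to `script -q -c "$cmd" /dev/null` when a pseudo-TTY is required.
run_hardened() {
    cmd="$(shell_quote "$GEMINI_BIN") -p $(shell_quote "$1")"
    sh -c "$cmd"
}

# Simplest when no PTY is needed: no shell re-parse at all, the prompt is
# passed as a single argv entry straight to the binary.
run_direct() {
    "$GEMINI_BIN" -p "$1"
}

# Run as `sh example.sh demo` to see all three side by side.
if [ "${1:-}" = demo ]; then
    p='search term $(echo INJECTED) `echo TOO`'
    echo '--- vulnerable (substitutions ran locally):'; run_vulnerable "$p"
    echo '--- hardened (prompt delivered verbatim):';  run_hardened "$p"
    echo '--- direct (prompt delivered verbatim):';    run_direct "$p"
fi
```

With the demo prompt, the vulnerable path delivers `search term INJECTED TOO` to the stand-in, proving both `$(...)` and backticks executed on the host, while the hardened and direct paths deliver the prompt byte for byte. Prompts containing single quotes are handled by `shell_quote` as well, so the fix does not trade one metacharacter problem for another.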

What this means

Searches may run under the wrong Google/Gemini account, affecting that account's history, quota, billing, or privacy.

Why it was flagged

The skill relies on an existing authenticated Gemini session tied to a named person, but does not define which account should be used, its scope, or how the user consents.

Skill content
Auth: already completed by Jiajie (should work without re-login)
Recommendation

Require the installing user to authenticate explicitly with their own dedicated Gemini account and document the credential scope and logout/revocation process.

What this means

Users must trust that the local `gemini` binary is genuine and up to date.

Why it was flagged

The skill depends on a local Gemini CLI binary but provides no provenance or installation specification for that executable.

Skill content
Source: unknown; Homepage: none; No install spec — this is an instruction-only skill.
Recommendation

Install Gemini CLI only from the official Google source, verify the binary path, and declare the required binary in metadata.

What this means

Anything included in the search prompt may be sent to Gemini and associated with the active account.

Why it was flagged

The user's search prompt is sent through the local Gemini CLI to an external provider, which is expected for this skill but still affects data exposure.

Skill content
Command template: `~/.npm-global/bin/gemini -p "<prompt>"`
Recommendation

Avoid putting secrets or private data in search prompts, and use a clearly identified account intended for this integration.