v1.0.0

Hot Search

Review: ClawScan verdict for this skill. Analyzed May 1, 2026, 8:35 AM.

Analysis

The skill mostly matches a web-search tool, but its code includes undocumented image download and local file-write behavior that should be reviewed before installation.

Guidance: Review the source before installing. Use it only for non-confidential searches, avoid invoking the image-download helpers unless you trust and constrain the output path, and consider pinning dependencies in a controlled environment.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Medium | Confidence: High | Status: Concern
search_skill.py
def download_image(self, image_url: str, output_path: str) -> bool:
    ...
    with open(output_path, "wb") as f:
        f.write(response.content)
    ...
output_path = os.path.join(output_dir, f"{keyword}_{i+1}{ext}")

The skill contains helpers that download arbitrary remote content and write it to caller-controlled or keyword-derived local paths, without filename sanitization or clear output containment.

User impact: If an agent or user invokes these helpers, the skill could save web content to unexpected local paths instead of only returning search results.
Recommendation: Disclose the download feature, require explicit user approval before writing files, sanitize keyword-derived filenames, and restrict writes to a clearly bounded temporary directory.
Human-Agent Trust Exploitation
Severity: Medium | Confidence: High | Status: Concern
search_skill.py
Search skill v1.1 - aggregated search engines + image download (anti-crawling bypass edition) ... Author: 小美 / 小乖 ... Supports: text search, Bing image search, image download

The source describes a different version/authorship and additional image-download and anti-crawling behavior, while the public docs and metadata present version 1.0.0 as a financial web-search skill.

User impact: A user may install it expecting only market-data search, while the included code contains extra scraping/download functionality and inconsistent provenance details.
Recommendation: Align SKILL.md, README, metadata, and source comments; clearly list all capabilities; and remove or explain the anti-crawling behavior so users can make an informed choice.
Agentic Supply Chain Vulnerabilities
Severity: Low | Confidence: High | Status: Note
requirements.txt
requests>=2.28.0
beautifulsoup4>=4.11.0
lxml>=4.9.0

The dependency list uses minimum-version ranges rather than pinned versions or hashes, so future installs may resolve to different package versions.

User impact: Dependency behavior may change over time depending on which package versions are installed.
Recommendation: Prefer pinned dependency versions or a lockfile when installing, especially in a shared or production OpenClaw environment.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
search_skill.py
"https://cn.bing.com/search" ... "https://global.bing.com/search" ... "https://yandex.com/search" ... "https://swisscows.com/web"

Search terms are sent to external search providers, which is expected for this skill but still matters if queries contain confidential financial or business information.

User impact: Private search terms may be visible to third-party search engines.
Recommendation: Avoid entering confidential or regulated information as search queries unless sharing it with those providers is acceptable.