Yves Web Search

Security checks across malware telemetry and agentic risk

Overview

This is a coherent web-search helper that makes expected outbound requests, though users should avoid sending sensitive queries or URLs through it.

Install only if you are comfortable with searches and fetched URLs being sent to third-party web services. Do not use it for secrets, private intranet URLs, authenticated links, personal data, or confidential prompts. If you use JINA_API_KEY, keep it in a protected environment and avoid exposing it in shared terminals or logs.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The skill description is extremely broad ('Search the web and fetch web pages... search for anything online'), which can cause the agent to invoke this skill for many ordinary requests without sufficient user awareness or consent. In context, this is more dangerous because the skill sends prompts/URLs to third-party services, so over-triggering increases the chance of unnecessary external data disclosure.

Missing User Warnings

Severity: Medium
Confidence: 96%
Finding:
The skill routes user queries and target URLs through external services including Jina Reader, DuckDuckGo Lite, and possibly ddgs, but it does not clearly warn that these requests leave the local environment. This creates a real privacy and data-handling risk, especially if users or upstream agents pass sensitive prompts, URLs, tokens, intranet links, or other confidential information into the skill.

Missing User Warnings

Severity: Low
Confidence: 87%
Finding:
The instructions tell users to export an API key and use a bundled script without any guidance on secure credential handling. While this is a lower-severity issue than the external-fetch behavior, it can still lead to accidental credential exposure through shell history, logs, screenshots, shared terminals, or misuse of the script in unsafe environments.

Missing User Warnings

Severity: Medium
Confidence: 94%
Finding:
The script sends user-supplied URLs or search/grounding queries to an external third-party service and, when configured, also includes a bearer API key. In an agent-skill context this can leak sensitive prompts, internal URLs, or private data to a remote service without an explicit warning, confirmation step, or allowlist, making unintended data disclosure the main risk.

VirusTotal

65/65 vendors flagged this skill as clean.