BigModel Web Search Fallback

Security checks across malware telemetry and agentic risk

Overview

This is a coherent BigModel/Zhipu web-search fallback; it uses an API key and sends search prompts to BigModel/Zhipu, but that behavior matches its stated purpose.

Install only if you are comfortable using a BigModel/Zhipu API key and sending search queries or chat prompts to open.bigmodel.cn. Avoid using it for secrets, regulated data, or confidential internal content unless that provider use is approved for your environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill explicitly instructs the agent to use environment-provided API keys and make outbound requests to Zhipu/BigModel, but the metadata does not declare corresponding permissions or capabilities. This creates a transparency and governance gap: a host or reviewer may treat the skill as lower-privilege than it really is, increasing the chance of unintended secret use and external data transmission.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The description and workflow tell the agent to send user queries to an external Zhipu/BigModel search service, but there is no clear warning that prompts and related context leave the local/OpenClaw environment. That omission can cause accidental disclosure of sensitive user data, internal context, or proprietary prompts to a third party when the skill is invoked as a fallback.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation instructs use of external web-search endpoints and includes query examples, but it does not clearly warn that user prompts and search terms are transmitted to Zhipu/BigModel infrastructure. In a fallback search skill, this omission can cause operators or downstream agents to send sensitive user data to a third party without informed consent, creating privacy, compliance, and data-handling risk.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
This script transmits user-supplied queries, optional domain filters, and optional identifiers such as user_id/request_id to a third-party service over the network, but provides no explicit notice, consent check, or minimization guard around that data flow. In a skill context, that can expose sensitive prompts or identifiers to an external vendor unexpectedly, creating a real privacy and data-governance risk even though the transmission is part of the tool's intended function.

VirusTotal

64/64 vendors flagged this skill as clean.
