ClawHub

Web Search Instant

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward DuckDuckGo instant-answer search helper; its main consideration is that search text is sent to DuckDuckGo.

Install this for quick public lookups and instant answers. Do not put secrets, credentials, private personal data, customer data, or internal project details into search queries, because the query is sent to DuckDuckGo over the internet.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill documentation indicates shell execution (`./web-search.sh ...`) and outbound network access to DuckDuckGo, but the skill does not declare permissions for those capabilities. Undeclared capabilities weaken security review and policy enforcement because an agent may invoke a networked shell-based tool without users or platform controls having clear visibility into what the skill can do.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The description includes very broad activation cues such as "what is," "how to," and "google something," which can match a large fraction of ordinary user requests. This can cause unintended invocation of a network-capable search skill, leading to unnecessary data egress, surprising behavior, and reduced user control over when external lookups occur.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The script sends the user's raw search query to DuckDuckGo over the network, but it does not provide an explicit privacy warning or require confirmation before disclosure. In an agent setting, users may enter sensitive data unintentionally, and the skill context encourages broad use for lookups, increasing the chance that confidential prompts, identifiers, or internal information are transmitted to a third party.

VirusTotal

56/56 vendors flagged this skill as clean.

View on VirusTotal