ClawHub
Back to skill
v1.0.1

Qianfan KnowledgeBase Search

BenignClawScan verdict for this skill. Analyzed May 1, 2026, 5:30 AM.

Analysis

This skill appears to do what it says: query Baidu Qianfan knowledge bases using a provided API key, with a few transparency notes about credentials, private data flow, and publisher metadata.

GuidanceThis appears safe for its stated purpose if you trust the publisher and intend the agent to search those Qianfan knowledge bases. Before installing, confirm the skill source, use a least-privilege Baidu API key if available, and limit QIANFAN_KNOWLEDGEBASE_IDS to knowledge bases you are comfortable exposing to the agent session.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agentic Supply Chain Vulnerabilities
SeverityLowConfidenceMediumStatusNote
_meta.json
"ownerId": "kn7akgt520t01vgs2tzx7yk6m180kt26"

The bundled _meta.json ownerId differs from the registry metadata owner ID shown for the skill, and the source/homepage are not provided. This is a provenance transparency issue, not evidence of malicious behavior.

User impactIt is less clear who packaged or maintains the skill, which matters because it uses an API credential.
RecommendationVerify the publisher or review the included code before installing, especially before providing a production Qianfan API key.
Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
SeverityLowConfidenceHighStatusNote
search.py
api_key = os.getenv("BAIDU_API_KEY") ... "Authorization": "Bearer %s" % api_key

The script reads the Baidu API key from the environment and uses it as a bearer credential for Qianfan API access.

User impactAnyone allowing this skill to run gives the agent a way to query Qianfan knowledge bases permitted by that API key.
RecommendationUse a scoped or limited API key if possible, configure only intended knowledgebase IDs, and rotate or revoke the key if the skill is no longer needed.
Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
SeverityLowConfidenceHighStatusNote
search.py
url = "https://qianfan.baidubce.com/v2/knowledgebases/search" ... requests.post(url, json=request_body, headers=headers)

The user query and selected knowledgebase IDs are sent to Baidu Qianfan's external API, and private search results are returned into the agent context.

User impactSearch queries and retrieved private knowledge-base content flow through Baidu Qianfan and may be visible to the agent session.
RecommendationUse the skill only for queries appropriate to send to Qianfan and avoid retrieving highly sensitive knowledge-base content unless the agent session is trusted.