ddgs (DuckDuckGo Search)
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward DDGS web-search helper; the main things to notice are the third-party Python package install and that search queries go to external search backends.
This skill looks benign for web search. Before installing, verify the `ddgs` package source, consider using a virtual environment, and avoid searching for confidential or secret information because queries may be sent to external search providers.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the package changes the Python environment and runs code from the package ecosystem; using the wrong or compromised package could affect the user's system.
The skill asks the user or agent to install an unpinned third-party Python package. This is aligned with using the DDGS client, but it is a supply-chain/provenance point users should review before installing.
# Install via uv (Recommended) uv pip install ddgs # Or install via pip pip install ddgs
Install in a virtual environment, verify the package name/source, and pin a trusted version if using it in a sensitive workflow.
Sensitive or private search terms could be exposed to external search services.
Search terms may be sent to DDGS and whichever external backend is selected. This is expected for a metasearch skill, but the data boundary is external and not limited to a single named provider.
aggregating results from diverse search services ... backend='auto' # Backends: auto, duckduckgo, brave, bing, etc.
Avoid putting secrets, private identifiers, or confidential business information into search queries; choose a specific backend or proxy if privacy requirements matter.