Skillv1.0.0

ClawScan security

Multi-Engine Web Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

BenignMar 4, 2026, 8:24 PM

Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary: The skill's requirements and instructions match its stated purpose: it is an instruction-only multi-search helper that performs web_fetch calls and stores minimal preference data locally, with no unexpected credentials or installs.
Guidance: This skill appears to do what it says: run the same query across multiple search engines and keep a small local preferences file. Before installing or enabling it, consider: (1) Privacy — every query will be sent to multiple external search providers, so do not submit passwords, secrets, or sensitive personal data. (2) Activation behavior — it will store preferences in ~/multi-engine-web-search/memory.md and may add an activation flag to your agent memory; review that file and the agent memory change if you want to control when it runs. (3) Configure blocked engines or 'on_request' activation if you want to limit external exposure or avoid particular regional engines. If you want stronger guarantees, ask the skill author for explicit handling of sensitive queries (e.g., automatic prompt to confirm before sending) or keep the activation mode set to manual.

Review Dimensions

Purpose & Capability: okName and description (multi-engine web search) align with the instructions and listed engines. There are no unrelated required binaries, environment variables, or config paths declared.
Instruction Scope: noteInstructions are scoped to running web_fetch queries against many search engine URLs, applying operator patterns, and storing small preference memory. This is coherent for the stated purpose. Note: the skill directs the agent to read/write ~/multi-engine-web-search/memory.md and to save activation preferences into the agent's main memory — both are reasonable for a preference-oriented skill but are actions the user should be aware of.
Install Mechanism: okInstruction-only skill with no install spec and no code files — lowest install risk. There is nothing downloaded or written during an install step beyond the runtime memory file described in the SKILL.md/setup.md.
Credentials: noteThe skill requests no credentials or env vars (proportional). However, its core behavior is to send every query to multiple external search providers; sensitive queries (PII, secrets) will be transmitted to several third parties. This is a privacy/coverage tradeoff rather than an incoherence, but users should assume queries are externally visible to the listed engines.
Persistence & Privilege: notealways:false (normal). The skill persists a small preferences file in the user's home directory and asks to update the agent's main memory with activation preferences. Writing its own small memory file is reasonable; updating the agent's main memory is expected for activation behavior but is a privileged action the user should approve.