百度搜索
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This is a straightforward Baidu web-search wrapper that uses a Baidu API key and sends user search queries to Baidu’s API.
This skill appears safe for its stated purpose. Before installing, make sure you are comfortable sending search queries to Baidu through your BAIDU_API_KEY, and use a dedicated key with appropriate limits.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search queries will be sent to Baidu and may be associated with the user's Baidu API key, billing, or account limits.
The skill uses the user's BAIDU_API_KEY as a bearer token to call Baidu's search API, which is expected for the stated web-search purpose.
url = "https://qianfan.baidubce.com/v2/ai_search/web_search" ... "Authorization": "Bearer %s" % api_key
Use a dedicated Baidu API key with the minimum necessary permissions and monitor usage or billing.
The skill may fail unless requests is already installed, and the dependency version/provenance is not specified in the artifacts.
The script depends on the non-standard Python requests package, while the provided install information only requires python3 and has no install spec.
import requests
Ensure requests is installed from a trusted source and consider adding a pinned dependency or install specification.