Claude Code WebSearch

Security checks across malware telemetry and agentic risk

Overview

This skill is a small, disclosed wrapper that sends user-provided web search queries to Claude or Codex CLI, with no evidence of hidden persistence, file harvesting, destructive behavior, or deceptive actions.

Use this for ordinary web searches only. Before installing, confirm you trust the installed Claude or Codex CLI and the account it uses, and avoid searching for secrets, confidential project names, private URLs, regulated data, or credentials. Create the optional ccws alias only if you want a persistent command shortcut.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium, 93% confidence
Finding
The activation phrases are broad enough to match ordinary user requests like 'search the web' or multilingual variants, which can cause the skill to trigger in situations beyond the user's explicit intent. In an agent setting, overly broad routing can redirect requests to this skill unexpectedly, leading to unintended external web access, privacy leakage in queries, or bypass of preferred search controls and policy checks.

Vague Triggers

Medium, 89% confidence
Finding
The 'When to Use' guidance defines trigger conditions such as 'Any web search need' and mixed natural-language examples without clear boundaries, making invocation scope ambiguous. In practice, this can cause the agent to over-select the skill, increasing the chance of unreviewed outbound searches, accidental disclosure of sensitive prompt context in search queries, and inconsistent tool-routing behavior.

Missing User Warnings

Medium, 92% confidence
Finding
The script sends the user's query to an external web-search-capable CLI backend (`claude` or `codex`) without any notice, confirmation, or consent mechanism. Because search queries may contain sensitive prompts, internal project names, credentials pasted by mistake, or regulated data, this creates an unannounced data egress/privacy risk even though it appears to be the intended functionality of the skill.

VirusTotal

66/66 vendors flagged this skill as clean.
