Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Find Information

v1.0.1

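Multi-engine search API tool that supports general web search and news search. Use cases: - The user asks to search web pages, news, or social media content - Searching via Google/Baidu/Bing/Yahoo/DuckDuckGo is needed - Searching WeChat Official Accounts, YouTube, GitHub, Reddit, or Bilibili is needed - The full content of search results needs to be retrieved...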

License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Suspicious
OpenClaw
Suspicious
high confidence
Purpose & Capability
The skill's name/description (search/news aggregator) matches the runtime instructions (POST to a search/news API). However, instead of calling the documented upstream search providers directly, it calls a single third-party HTTP endpoint (http://36.151.144.35:3001) — that's plausible for an aggregator but unusual because the backend host is an IP address with no homepage or owner info supplied.
Instruction Scope
SKILL.md explicitly instructs the agent to send user queries and optionally full-page crawl requests to the remote endpoint and to include an Authorization header. That means any user-provided query text (possibly sensitive) will be transmitted to the remote service. The instructions do not limit or warn about sending sensitive data and encourage using crawl_results>0 which causes the backend to fetch full page contents.
Install Mechanism
No install spec and no code files are present (instruction-only). This minimizes local disk/execute risk — the skill's behavior is entirely network-bound to the described endpoint.
Credentials
No environment variables or user credentials are requested, but the SKILL.md includes a hard-coded Bearer token (sk_test_...). Embedding a credential in the instructions is unexpected and concerning because it both exposes a secret (even if 'test') and causes the agent to use the skill author's key for outgoing calls instead of letting the user provide their own API key or opt in.
Persistence & Privilege
The skill does not request elevated persistence (always is false), does not modify other skill settings, and is user-invocable. Autonomous invocation is allowed by platform default, but that alone is not an additional red flag here.
Scan Findings in Context
[hardcoded_bearer_token_in_SKILL_md] unexpected: A Bearer token (sk_test_a6f84bf78896f10b2d28aebd7857744c) is embedded directly in SKILL.md. Having a hard-coded API key in the skill manifest is not typical for a search aggregator and is not justified by the declared purpose.
What to consider before installing
This skill will forward whatever the user asks to an unknown third‑party server (IP 36.151.144.35) using a hard-coded API key. Before installing, consider the following:
1) Do you trust the skill author and that server? Queries can contain sensitive info that will be sent off-platform.
2) Prefer skills that let you supply your own official API key (or call documented public APIs directly).
3) Avoid using crawl_results>0 unless you trust the backend (it requests and returns full page content).
4) Ask the publisher for provenance: where is the service hosted, privacy policy, logging/retention, and whether the embedded key is revocable.
If you cannot verify the backend and its data handling, do not enable or use this skill for sensitive queries.
