Multi Search Engine Litiao
PassAudited by ClawScan on May 1, 2026.
Overview
This is a no-code search helper that looks mostly benign, but searches go to third-party websites and a few examples are dual-use.
This appears safe to install as a search URL guide, but treat it as a public-web search helper: avoid entering secrets or confidential data, use the credential/admin-page examples only in authorized contexts, and verify the package identity if provenance matters to you.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The agent could help formulate searches that locate sensitive or unauthorized material if a user prompts it that way.
The reference guide documents advanced search operators with examples that could be used to find exposed admin pages or password-like files. This is dual-use search documentation, not automatic execution, but users should notice the misuse potential.
`inurl:login admin` ... `intext:password filetype:txt`
Use these operators only for legitimate, authorized research and avoid searches aimed at finding credentials or unauthorized access points.
Search providers, redirects, and network logs may see sensitive terms if the user includes private information in queries.
Search keywords are embedded into URLs sent to many third-party providers. This is expected for a search-engine integration, but it means query terms leave the local environment.
"url": "https://www.google.com/search?q={keyword}" ... "url": "https://www.wolframalpha.com/input?i={keyword}"Do not put secrets, personal data, customer information, or confidential business details into search queries.
Users may be unsure which publisher, package identity, or version they are installing.
The included metadata differs from the registry-facing submission details, which show a different owner ID, slug, and version. With no code or install script this is mainly a provenance/versioning concern.
"ownerId": "kn79j8kk7fb9w10jh83803j7f180a44m", "slug": "multi-search-engine", "version": "2.0.1"
Verify the publisher and version before relying on it, and maintainers should align registry metadata with packaged metadata.