ClawHub

Search Web

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward local web-search skill; the main caution is that search queries are sent to a local SearXNG service.

Install this only if you trust the SearXNG service running on localhost:8080. Do not put secrets, credentials, private internal data, or sensitive personal information into search queries unless you are comfortable with how your SearXNG instance logs and forwards them.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
89% confidence
Finding
The skill recommends use for broad categories like fact verification, documentation lookup, and current-topic research without defining tighter activation boundaries or requiring user confirmation. In an agent setting, this can cause overuse of web search for many routine tasks, increasing unintended external requests, privacy exposure of prompts/queries, and reliance on untrusted internet content.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill states that it sends search queries to a SearXNG HTTP API but does not prominently warn that queries are transmitted over plain HTTP to a local service. Even on localhost, this matters because sensitive prompts or derived user data may be forwarded to another process without clear disclosure, and deployments may later be reconfigured away from localhost where plaintext transport becomes riskier.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The tool sends a user-provided query to a local HTTP search service without any visible disclosure, consent handling, or minimization. Even though the destination is localhost, the query may contain sensitive user data and is transmitted to another service boundary, creating privacy and data-handling risk if that service logs, forwards, or is controlled by another component.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal