v1.0.0

DuckDuckGo Search

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:16 AM.

Analysis

The skill appears purpose-aligned for web search and URL fetching, with no credential use or persistence, but users should notice its outbound web access and manual unpinned package install instruction.

Guidance: This skill is reasonable for web search and page fetching. Before installing, verify any package you install from pip, and when using the skill avoid sensitive internal URLs and treat all returned web content as untrusted reference material.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Tool Misuse and Exploitation
Severity: Low; Confidence: High; Status: Note
scripts/ddg_fetch.py
parser.add_argument("url", help="URL to fetch") ... urllib.request.urlopen(req, timeout=timeout)

The fetch helper makes outbound requests to a supplied URL. This is expected for a URL-fetching skill, but broad URL fetching can contact unexpected hosts if invoked with sensitive or internal URLs.

User impact: The agent can retrieve web pages from URLs it is asked to fetch, so careless use could expose internal or private URLs to the agent's context.
Recommendation: Use it for intended public web pages, avoid private/internal URLs unless deliberate, and consider restricting allowed schemes or hosts in sensitive environments.

Agentic Supply Chain Vulnerabilities
Severity: Low; Confidence: High; Status: Note
SKILL.md
pip3 install duckduckgo-search

The documentation asks the user to install an unpinned third-party Python package. This is disclosed and related to the stated purpose, but users should verify the package source and version.

User impact: Following the setup command installs whatever current package version is served by the package index.
Recommendation: Verify the package before installing, consider pinning a known-good version, and install in an isolated environment if possible.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Memory and Context Poisoning
Severity: Low; Confidence: High; Status: Note
SKILL.md
Supports text search with results including title URL and snippet. Also supports URL fetching to extract readable content from web pages.

The skill intentionally brings search snippets and fetched page text into the agent context. That content is untrusted internet data and could contain misleading instructions or prompt-injection text.

User impact: Web pages or snippets may try to influence the agent's behavior if treated as instructions rather than source material.
Recommendation: Treat fetched content as untrusted reference text and do not follow instructions from web pages unless the user explicitly asks for that action.