Kagi
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: kagi
Version: 0.1.0
The skill bundle is benign. It provides Python scripts to interact with the Kagi API for search and FastGPT functionality. The code correctly retrieves the Kagi API token from environment variables (`KAGI_API_TOKEN` or `KAGI_API_KEY`) and makes network requests exclusively to the legitimate Kagi API endpoint (`https://kagi.com/api/v0`). There is no evidence of data exfiltration, malicious execution, persistence mechanisms, or prompt injection attempts in `SKILL.md` or other files. All actions are aligned with the stated purpose of using the Kagi API.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can consume Kagi API quota and associate submitted searches or FastGPT prompts with the user's Kagi API token.
The skill reads a Kagi API credential from the environment and uses it in the Authorization header. This is expected for a Kagi API wrapper, but it gives the skill delegated access to the user's Kagi API account.
`tok = os.environ.get("KAGI_API_TOKEN") or os.environ.get("KAGI_API_KEY")` ... `"Authorization": f"Bot {_token()}"`
Use a Kagi API token intended for this purpose, set it only in sessions where the skill is needed, and avoid submitting secrets or highly sensitive content as queries.
Queries and prompts entered through the skill are shared with Kagi for search or summarization.
Search queries and FastGPT prompts are sent to Kagi's external API. This is clearly aligned with the skill's purpose and no unrelated endpoints are shown.
`BASE_URL = "https://kagi.com/api/v0"` ... `return _request("POST", "/fastgpt", json_body=body)`
Treat search and FastGPT prompts as data sent to a third-party provider, and avoid including passwords, private keys, or confidential material.
Users have less external provenance information for verifying the origin or maintenance of the skill.
The registry metadata does not provide a source repository or homepage. The included code is visible and there is no install script, so this is a provenance note rather than a behavior concern.
Source: unknown
Homepage: none
Review the bundled scripts before use and prefer a skill release with a clear source repository or publisher information when available.
