Web Claude
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the Claude.ai fallback runs, it may create or use Claude.ai chats and consume message quota under the user's account.
The Claude.ai fallback relies on a logged-in browser profile, so searches may be submitted using the user's existing Claude.ai session.
- OpenClaw browser running (port 18800) - claude.ai logged in (openclaw profile)
Use the Claude.ai fallback only when comfortable with that account use; force Brave or DuckDuckGo for searches that should not touch the Claude.ai session.
Sensitive search topics could remain in the local memory/research cache and may be reused or seen later.
The skill creates persistent local records of queries, results, summaries, and insights.
All search results automatically saved to `memory/research/` folder
Avoid searching secrets or private data, and periodically review or delete cached files if the results should not persist.
The DuckDuckGo fallback may fail if the package is absent, or it may use whatever local package version is already installed.
The DuckDuckGo fallback depends on an external Python package, while the provided artifacts include no pinned install spec or dependency provenance.
from duckduckgo_search import DDGS
If using this fallback, install the dependency from a trusted source and consider pinning a known version.