Web Claude
Pass
Audited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill
Name: mupeng-web-claude
Version: 1.0.0
The skill is classified as suspicious due to the direct command execution mechanism using `python -c "..."` for the DuckDuckGo search functionality in SKILL.md. While the provided example is benign, this pattern introduces a significant prompt injection vulnerability. A malicious prompt could instruct the AI agent to construct and execute arbitrary shell commands via this mechanism, leading to potential remote code execution, even though the skill itself does not exhibit explicit malicious intent like data exfiltration or persistence.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If the Claude.ai fallback runs, it may create or use Claude.ai chats and consume message quota under the user's account.
The Claude.ai fallback relies on a logged-in browser profile, so searches may be submitted using the user's existing Claude.ai session.
- OpenClaw browser running (port 18800)
- claude.ai logged in (openclaw profile)
Use the Claude.ai fallback only when comfortable with that account use; force Brave or DuckDuckGo for searches that should not touch the Claude.ai session.
Sensitive search topics could remain in the local memory/research cache and may be reused or seen later.
The skill creates persistent local records of queries, results, summaries, and insights.
All search results automatically saved to `memory/research/` folder
Avoid searching secrets or private data, and periodically review or delete cached files if the results should not persist.
The DuckDuckGo fallback may fail if the package is absent, or it may use whatever local package version is already installed.
The DuckDuckGo fallback depends on an external Python package, while the provided artifacts include no pinned install spec or dependency provenance.
`from duckduckgo_search import DDGS`
If using this fallback, install the dependency from a trusted source and consider pinning a known version.
