serper

Pass

Audited by ClawScan on May 1, 2026.

Overview

This search skill matches its stated purpose and shows no malicious behavior, but users should expect to provide a Serper API key, install an external Python dependency, and receive untrusted webpage text.

This skill appears safe and coherent for web search. Before installing, be comfortable providing a Serper API key, installing the trafilatura dependency, and treating returned webpage text as untrusted research material rather than instructions.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your Serper account key will be used for searches, which may consume quota or access paid account capacity.

Why it was flagged

The script loads a Serper credential and sends it to the Serper API. This is expected for the stated search integration, but it is still account credential use that users should recognize before installing.

Skill content

key = os.environ.get("SERPER_API_KEY") or os.environ.get("SERP_API_KEY") ... "X-API-KEY": api_key

Recommendation

Use a dedicated Serper key with appropriate quota limits, and avoid placing unrelated secrets in the skill .env file.

What this means

Installing the dependency pulls code from the Python package ecosystem into the user's environment.

Why it was flagged

The documented setup installs an external Python dependency without a pinned version. This dependency is central to the skill's page extraction purpose, but it is still third-party code provenance to consider.

Skill content

pip install --user trafilatura

Recommendation

Install in a virtual environment where possible, verify the package source, and consider pinning or reviewing the trafilatura version used.

What this means

Webpage content returned by the skill could be inaccurate or include text that should not be treated as instructions to the agent.

Why it was flagged

The skill intentionally returns full text from third-party webpages into the agent context. This is purpose-aligned for web research, but retrieved web content is untrusted and can contain misleading text or prompt-like instructions.

Skill content

reads the actual web pages to extract clean full-text content ... "content": "Full extracted page text..."

Recommendation

Treat extracted page text as untrusted source material, verify important claims, and do not let webpage text override the user's instructions or safety checks.