Google Search Nino

Pass

Audited by ClawScan on May 10, 2026.

Overview

This skill is a straightforward Google Custom Search wrapper. Users should know that it needs Google API credentials and sends search queries to Google, and that its metadata has some gaps.

This appears safe for its stated purpose if you trust the publisher and are comfortable sending search queries to Google. Use a restricted Google API key, keep any .env file private, and avoid searching for secrets or sensitive private content.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Your Google API key may be used for searches and could consume quota or incur costs if misused.

Why it was flagged

The skill uses Google API credentials, which is expected for Google Custom Search, but the registry metadata declares no required environment variables or primary credential.

Skill content

Store your credentials in a `.env` file in your workspace:
GOOGLE_API_KEY=your_key_here
GOOGLE_CSE_ID=your_cx_id_here

Recommendation

Use a restricted Google API key, keep .env files private, avoid committing or sharing them, and have the skill metadata declare the required environment variables.

What this means

Search terms you provide will be sent to Google along with the API credentials needed to perform the request.

Why it was flagged

The script sends the search query, API key, and search engine ID to Google's Custom Search endpoint, which is aligned with the stated search purpose.

Skill content

url = "https://www.googleapis.com/customsearch/v1"
params = {
    'q': query,
    'key': api_key,
    'cx': cse_id,
    'num': num_results
}
response = requests.get(url, params=params)

Recommendation

Do not search for secrets or highly sensitive private data through this skill unless you are comfortable sending that text to Google.

What this means

It may be harder to verify who authored or maintains the package.

Why it was flagged

The packaged _meta.json ownerId differs from the supplied registry Owner ID, and the skill has unknown source/homepage metadata. The reviewed code is simple and purpose-aligned, so this is a provenance note rather than a behavior concern.

Skill content

"ownerId": "kn7ey18zr9mrrcpfc4zwy1brzd80bwjm"

Recommendation

Prefer installing from a trusted source and ask the publisher to align package metadata with registry metadata and provide a homepage or source reference.