Skill v1.0.0
ClawScan security
Serper Web Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Feb 14, 2026, 3:50 AM
- Verdict: suspicious
- Confidence: medium
- Model: gpt-5-mini
- Summary: The skill's described purpose (using the Serper API for Google-like searches) is plausible and the instructions align with that purpose, but there are inconsistencies (missing declared requirements in the registry and references to a bundled script that does not exist) that warrant caution.
- Guidance: This skill appears to be a simple Serper API wrapper, but there are two red flags to resolve before installing or using it: (1) the registry metadata does not declare the required curl binary or the SERPER_API_KEY environment variable even though SKILL.md requires them, and (2) the instructions mention a './scripts/search' script that is not included. Do not paste your API key into public chat; prefer setting SERPER_API_KEY in the agent environment. Ask the publisher to (a) update the registry metadata to declare required env vars/binaries, (b) include the referenced script or remove the reference, and (c) provide a trustworthy homepage or source. If you must test it, do so with a throwaway Serper key in an isolated environment and avoid using production credentials until these inconsistencies are fixed.
Review Dimensions
- Purpose & Capability (note): The SKILL.md describes a simple Serper API client (POST to https://google.serper.dev/search with X-API-Key). Requiring curl and a SERPER_API_KEY is proportionate to that purpose. However, the registry metadata claims no required binaries or env vars while the skill's metadata block and instructions explicitly require curl and SERPER_API_KEY — this mismatch is a governance/integrity issue.
- Instruction Scope (concern): Instructions only perform HTTP requests to serper.dev and describe using an environment key or inline key, which is appropriate. But the doc references a bundled './scripts/search' script that is not present in the package (no code files included). That is an internal inconsistency: the runtime instructions mention files that don't exist. Also the SKILL.md metadata requires curl and an env var that the registry doesn't declare.
- Install Mechanism (ok): No install spec and no code files — instruction-only. This has lower risk because nothing is written to disk by an installer. The absence of an install step is consistent with a purely documentation/instruction skill.
- Credentials (note): The only secret the instructions ask for is SERPER_API_KEY, which is appropriate for accessing the Serper API. However, the registry's required-env list is empty while the SKILL.md metadata and examples require SERPER_API_KEY; this mismatch should be resolved before trusting the skill.
- Persistence & Privilege (ok): The skill does not request always: true and has no install step that alters other skills or global agent settings. Autonomous invocation is allowed by default (disable-model-invocation:false) which is normal — no additional persistence or elevated privilege is requested.
