Duckduckgo Search

Pass

Audited by ClawScan on May 1, 2026.

Overview

This skill appears to do the advertised DuckDuckGo web search, with no credentials or persistence, but it sends search terms to DuckDuckGo and returns untrusted web snippets.

This looks like a straightforward DuckDuckGo search helper. Before installing, remember that queries are still sent to DuckDuckGo, privacy depends on that external service, and returned web snippets should be treated as untrusted information rather than instructions.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

A malicious or misleading web result could include text that tries to influence the agent if the agent treats result content as instructions.

Why it was flagged

The script formats externally retrieved search titles and snippets into Markdown for the agent or user to read.

Skill content

output += f"## {i}. {title}\n\n" ... output += f"{snippet}\n\n"

Recommendation

Treat search titles, snippets, and URLs as untrusted web content and verify important claims before acting on them.

What this means

It is harder to verify the publisher or upstream project history before trusting the skill.

Why it was flagged

The package provides visible source code and no automatic install step, but the registry metadata does not identify an upstream source or homepage.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included code and install only if you trust the registry publisher; a future version should provide clear source/homepage provenance.

What this means

Search terms leave the local environment and are visible to the external search provider and normal network path, even though this is expected for a web search tool.

Why it was flagged

The search query is sent to DuckDuckGo endpoints as part of the skill's normal operation.

Skill content

self.base_url = "https://duckduckgo.com/html/"; self.json_api_url = "https://api.duckduckgo.com/"; params = {"q": query}

Recommendation

Do not include passwords, tokens, private personal details, or confidential business information in search queries unless that disclosure is acceptable.