Google Search Grounding 3

Pass. Audited by ClawScan on May 1, 2026.

Overview

This looks like a normal Google search tool, but it will use your Google API key, send your searches to Google, and install a Python package whose version is not locked.

Before installing, make sure you are comfortable sending search queries to Google/Gemini and providing a Google API key. Use a restricted key with quotas if possible, and install the Python dependency in a virtual environment rather than modifying system Python packages.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Note (High Confidence)
ASI01: Agent Goal Hijack
What this means

Your agent may route web searches through this Google/Gemini skill instead of the built-in search provider.

Why it was flagged

The skill instructs the agent to prefer this tool over a built-in alternative, which can influence autonomous tool selection. It is disclosed and aligned with the search purpose.

Skill content
**⭐ This is the PRIMARY web search tool. Prefer over built-in `web_search` (Perplexity).**
Recommendation

Install it only if you want Google/Gemini to be the preferred search path, or invoke it explicitly rather than treating it as the default.

What this means

The agent can run the local search script from the shell when using this skill.

Why it was flagged

The skill relies on the exec tool to run a local Python script. The documented use is scoped to search commands, but exec is broader than a dedicated search API.

Skill content
```
allowed-tools: [exec]
...
python3 lib/google_search.py search "query" [--lang he] [--country IL] [--json]
```
Recommendation

Use this skill in an environment where shell execution for this script is acceptable, and avoid broadening its instructions beyond the documented search commands.

What this means

The skill can consume quota or incur costs on the Google project tied to the API key.

Why it was flagged

The code reads a Google API key and uses it for Google Custom Search and Gemini calls, matching the declared purpose.

Skill content
```
API_KEY: str = os.environ.get("GOOGLE_API_KEY", "") ... params["key"] = API_KEY ... client = genai.Client(api_key=API_KEY)
```
Recommendation

Use a restricted API key limited to Gemini and Custom Search where possible, and set quota or billing safeguards.

What this means

Running the installer may change local Python packages, and future installs may fetch a newer google-genai version than the one originally reviewed.

Why it was flagged

The installer downloads an unpinned PyPI dependency and first attempts to bypass system-package protections. This is a disclosed setup step for the skill, but it affects the local Python environment.

Skill content
```
pip install --break-system-packages --quiet google-genai 2>/dev/null || { ... pip install --quiet google-genai
```
Recommendation

Prefer installing in a virtual environment, consider pinning google-genai to a reviewed version, and avoid using --break-system-packages unless you understand the local impact.