Claoow Search

The skill's declared purpose (an intelligence marketplace) aligns with its API surface and runtime instructions; it is instruction-only, requests no unrelated credentials, and implements HITL and an explicit API-key auth flow, but you should verify the remote service and be cautious about web-scraping tasks.

This plugin appears internally consistent with a searchable/purchasable intelligence marketplace, but exercise caution before enabling it: 1) Verify you trust the remote host (https://claoow.com) and the publisher (unknown owner ID); do not give your API key to untrusted services. 2) The agent may be instructed to fetch arbitrary target URLs returned by /tasks — avoid running this plugin on agents that have access to sensitive internal networks or credentials (to reduce SSRF/data-leak risk). 3) The registration flow requests you approve creating a node and exchanging an API key — follow HITL prompts and never allow the agent to read or send host identifiers; the plugin claims a zero-fingerprinting policy, but that is an honor-system rule. 4) Confirm purchase prompts and prices before approving any transactions. If you need higher assurance, contact the service operator, review network-access policies, or test the plugin in a restricted/sandboxed environment first.