cloudsway-search-tob
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a straightforward web-search API wrapper, with expected notes around using an access key, external search/MCP endpoints, and untrusted web content returned into the model context.
This skill looks safe for its stated web-search purpose if you trust the Cloudsways SmartSearch service. Before installing, verify the endpoint you configure, use a limited/revocable access key, remember that web results are untrusted content, and note that the registry metadata does not fully list the required env vars and curl/jq dependencies.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search results or webpage text could influence the agent if treated as instructions rather than as untrusted reference material.
The skill intentionally brings third-party webpage snippets or full content into the model context. That is expected for web search, but web content can contain misleading or instruction-like text.
Search the web and extract intelligent fragments or full-text content directly into the LLM context.
Treat returned snippets, mainText, and content as untrusted data, and do not let webpage text override the user's request or safety constraints.
Anyone with access to the configured key may be able to use the associated Cloudsways search service quota or account privileges.
The script uses an environment-provided access key to authenticate to the configured SmartSearch API endpoint. This is expected for the service integration, but it is still credentialed access.
--header "Authorization: Bearer ${CLOUDSWAYS_AK}"Use a scoped, revocable access key, avoid sharing it in prompts or logs, and verify CLOUDSWAYS_BASE_PATH and CLOUDSWAYS_ENDPOINT before use.
The installation page may not fully communicate the setup requirements or provider provenance, so users could configure credentials without independent verification.
The registry metadata does not identify a source or homepage and does not reflect the env vars, access key, curl, and jq requirements disclosed in SKILL.md. This is not hidden in the artifacts, but it makes pre-install review less complete.
Source: unknown; Homepage: none; Required env vars: none; Primary credential: none
Verify the provider endpoint and source out of band, and ensure curl, jq, and the required CLOUDSWAYS_* variables are intentionally configured.
Search queries and the bearer token would be sent to the configured MCP/server endpoint if this integration is used.
The skill documents an optional MCP client configuration that sends authorized search requests through a remote HTTP MCP endpoint. This is aligned with the search purpose but introduces an external service boundary.
"transport": "streamable_http", "url": "https://searchmcp.cloudsway.net/search/{YOUR_SMARTSEARCH_ENDPOINT}/smart", "headers": { "Authorization": "Bearer {YOUR_SMARTSEARCH_AK}" }Only configure the MCP endpoint if it is trusted, confirm the exact hostname, and protect the bearer token like any other API credential.