ClawHub

free_google_search_with_browser

Security checks across malware telemetry and agentic risk

Overview

This appears to be a Google search helper, but it needs review because it uses stealth-style browser automation, sends raw queries to Google, and depends on a flagged network library.

Install only if you are comfortable with user queries being sent to Google through automated browsing. Avoid using it for secrets, credentials, private project details, or sensitive personal data, and prefer a version with clear disclosure, pinned dependencies, and a fixed curl_cffi release.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (10)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The invocation text uses very broad trigger wording such as 'search Google' or 'find information online,' which can overlap with many ordinary user requests. This increases the chance the agent invokes the skill unexpectedly, causing unanticipated browsing and data disclosure to external services.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation states the skill uses a 'stealthy fetcher' and browser automation to mimic real user behavior, yet it does not present a clear user-facing warning that queries will be sent to an external site through stealth-oriented browsing. This lack of disclosure is especially concerning because stealth framing suggests an attempt to avoid detection or anti-bot controls, increasing privacy, policy, and trust risks.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The function sends the raw user-provided query to Google over the network without any user-facing notice, consent, or redaction. In an agent setting, users may provide sensitive data expecting local processing, so silently transmitting prompts, names, credentials, tokens, internal project details, or other confidential text to a third party creates a real privacy and data-leak risk.

Unpinned Dependencies

Low
Category
Supply Chain
Content
scrapling>=0.4.2
curl_cffi>=0.14.0
playwright>=1.58.0
patchright>=1.58.2
Confidence
94% confidence
Finding
scrapling>=0.4.2

Unpinned Dependencies

Low
Category
Supply Chain
Content
scrapling>=0.4.2
curl_cffi>=0.14.0
playwright>=1.58.0
patchright>=1.58.2
msgspec>=0.20.0
Confidence
98% confidence
Finding
curl_cffi>=0.14.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
scrapling>=0.4.2
curl_cffi>=0.14.0
playwright>=1.58.0
patchright>=1.58.2
msgspec>=0.20.0
browserforge>=1.2.4
Confidence
92% confidence
Finding
playwright>=1.58.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
scrapling>=0.4.2
curl_cffi>=0.14.0
playwright>=1.58.0
patchright>=1.58.2
msgspec>=0.20.0
browserforge>=1.2.4
Confidence
93% confidence
Finding
patchright>=1.58.2

Unpinned Dependencies

Low
Category
Supply Chain
Content
curl_cffi>=0.14.0
playwright>=1.58.0
patchright>=1.58.2
msgspec>=0.20.0
browserforge>=1.2.4
Confidence
90% confidence
Finding
msgspec>=0.20.0

Unpinned Dependencies

Low
Category
Supply Chain
Content
playwright>=1.58.0
patchright>=1.58.2
msgspec>=0.20.0
browserforge>=1.2.4
Confidence
91% confidence
Finding
browserforge>=1.2.4

Known Vulnerable Dependency: curl_cffi — 2 advisory(ies): GHSA-3vpc-4p9p-47hc (curl_cffi bundles a version of libcurl affected by High Severity vulnerability); CVE-2026-33752 (curl_cffi: Redirect-based SSRF leads to internal network access in curl_cffi (wi)

High
Category
Supply Chain
Confidence
99% confidence
Finding
curl_cffi

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal