360-web-search

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed 360 web-search integration whose main risk is that search queries are sent to 360 automatically when the skill is triggered.

Install this only if you want 360-powered web search and are comfortable sending search terms to 360. Avoid putting secrets, confidential documents, or sensitive personal data into search prompts, protect the SEARCH_360_API_KEY, and monitor usage because API calls may consume paid quota.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 88%
Finding
The README states that the skill will 'activate automatically for search requests' without defining clear boundaries, consent requirements, or disambiguation rules. In an agent environment, broad auto-activation can cause user prompts or sensitive context to be sent to an external service when the user did not explicitly request third-party web search.

Missing User Warnings

Medium
Confidence: 94%
Finding
The usage section gives example prompts but does not clearly warn that those queries will be transmitted to an external provider. This creates a privacy and consent risk because users may believe the request is handled locally by the agent rather than shared with 360's search API.

Vague Triggers

Medium
Confidence: 78%
Finding
The trigger conditions are broad enough that the skill may activate for generic phrases like 'find recent' or 'look up' even when the user did not clearly intend external web access. In an agent setting, this can cause unintended transmission of user queries to a third-party search provider, creating privacy and policy risks, especially because `confirmBeforeRun` is set to false.

VirusTotal

66/66 vendors flagged this skill as clean.
