serper-search

Advisory

Audited by Static analysis on May 10, 2026.

Overview

Detected: suspicious.env_credential_access

Findings (1)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Searches made through the tool may consume your Serper.dev quota and are associated with the API key you provide.

Why it was flagged

The plugin uses a configured or environment Serper API key to authenticate outbound Serper.dev API calls. This is expected for the stated purpose, but it gives the tool access to the user's Serper account quota.

Skill content

const apiKey =
    pluginConfig.apiKey || process.env.SERPER_API_KEY || "";
...
"X-API-KEY": apiKey

Recommendation

Use a dedicated Serper.dev API key with appropriate quota limits, and only enable the plugin if you are comfortable sending search queries to Serper.dev.

What this means

If installed through a package manager, the exact dependency version may vary over time.

Why it was flagged

The dependency is declared with a semver range rather than an exact pinned version, so an install could resolve a newer compatible package version. The dependency appears purpose-aligned for tool parameter schemas, and no install script is shown.

Skill content

"dependencies": {
    "@sinclair/typebox": "^0.32.0"
  }

Recommendation

Prefer installing from a reviewed source or lockfile if reproducibility matters.

Findings (1)

critical

suspicious.env_credential_access

Location
index.ts:72
Finding
Environment variable access combined with network send.