ClawHub

Google Search

Security checks across malware telemetry and agentic risk

Overview

This skill coherently provides Google-powered search using a user-provided Google API key, with no evidence of hidden persistence, unrelated data access, or destructive behavior.

Install this only if you want agent searches routed through Google/Gemini. Use a restricted Google API key, watch Google quota or billing, avoid sending private data in search queries, review the Hebrew/Israel locale defaults, and consider installing dependencies in an isolated Python environment.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
83% confidence
Finding
The skill declares only `allowed-tools: [exec]`, but the documentation clearly indicates use of environment variables and outbound network access to Google APIs. This creates a permissions/transparency mismatch: operators may approve the skill without realizing it can access secrets from env and send user queries externally. In a search skill, network access is expected, but undeclared capabilities still increase risk because they weaken informed consent and policy enforcement.

Natural-Language Policy Violations

Medium
Confidence
80% confidence
Finding
The skill defaults `GOOGLE_SEARCH_LANG` to `he` and `GOOGLE_SEARCH_COUNTRY` to `IL` without explicit user opt-in. That can silently bias search results, relevance ranking, news coverage, and legal/regional content toward a specific locale, potentially exposing user geography/preferences or producing misleading results for users who expected neutral or auto-detected behavior. In a general-purpose search skill, locale defaults materially affect outputs, so this is more security/privacy-relevant than in a narrowly Israel-focused skill.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal