Skill v1.0.0
ClawScan security
web-search-skill · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 6, 2026, 7:57 AM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill's code, instructions, and requirements are consistent with its stated purpose (HTML-scraping searches of Baidu and Bing) and do not request unrelated credentials or unusual installs.
- Guidance: This skill is coherent for the stated purpose (web-scraping search results). Before installing, consider: 1) It performs network requests to search engines and may fetch arbitrary result pages (treat fetched content as untrusted). 2) SKILL.md asks you to pip install third‑party Python packages — install them in a controlled virtualenv. 3) The script parses HTML and may break if search engines change their layout; it also leaves Baidu redirect URLs as-is and suggests using a separate WebFetch step to resolve real target pages. 4) Review scripts/search.py yourself (or run it in a sandbox) to confirm no additional data exfiltration or unexpected remote endpoints are present. If you need stricter controls, disable autonomous invocation for the agent or restrict this skill to manual use only.
Review Dimensions
- Purpose & Capability: ok. The name and description match the included search script: it scrapes Baidu and cn.bing.com for results. No unrelated credentials, binaries, or config paths are requested.
- Instruction Scope: ok. SKILL.md instructs the agent to install standard Python scraping libs, run the provided script, and optionally use a WebFetch tool to retrieve full pages. The instructions do not ask the agent to read local secrets, system files, or send data to unexpected third-party endpoints beyond the target search engines and fetched result pages.
- Install Mechanism: ok. There is no install spec; the skill is instruction+script only. Dependencies are installed via pip (requests, beautifulsoup4, lxml) — a common and expected approach for a Python scraper. No downloads from unknown URLs or archive extraction were observed.
- Credentials: ok. The skill declares no required environment variables or credentials. All operations are network requests to search engines; no secret access or unrelated service tokens are requested.
- Persistence & Privilege: ok. always is false and the skill is user-invocable. It does not request elevated or persistent system privileges and does not modify other skills or system-wide configs.
