Business Search
AdvisoryAudited by Static analysis on May 13, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A user may over-trust uncited business, legal-risk, or financing information and make decisions without being able to check where the claims came from.
The skill relies on web search results for business due diligence, risk, and financial information, but instructs the agent not to list sources, reducing user ability to verify claims.
将搜索结果整理为结构化报告,**不列出数据来源**
Require source citations or links for all factual claims, especially for risk, legal, financing, and due-diligence outputs.
The skill may fail on other systems or execute whatever local baidu-search script exists at that path if the helper is missing, changed, or untrusted.
The script depends on another local skill script and a hard-coded Windows user path, but that dependency is not included or declared in the install metadata.
self.search_script = "~/.workbuddy/skills/baidu-search/scripts/search.py" ... self.search_script.replace("~", "C:/Users/98148")Declare the baidu-search dependency explicitly, avoid hard-coded user paths, and verify the referenced helper skill before use.
Confidential research interests, such as a potential investment or partnership target, may be exposed through search queries.
The skill routes user business-search queries through another search skill, which likely sends company names and requested investigation topics to an external search provider.
使用 baidu-search skill 执行搜索: python ~/.workbuddy/skills/baidu-search/scripts/search.py '{"query":"查询内容", "count": 10}'Avoid entering confidential deal names or sensitive investigation intent unless you are comfortable sending those queries to the search provider.