ClawHub

Web Search via SearXNG

Security checks across malware telemetry and agentic risk

Overview

This appears to be a web-search skill whose external SearXNG use matches its purpose, but users should understand searches are sent to third-party services.

Install only if you are comfortable with search queries leaving your local environment for a configured or public SearXNG instance and possibly downstream search engines. Do not use it for secrets, private customer data, unreleased business information, or sensitive personal queries unless you control and trust the search instance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill documentation describes clear network behavior and use of external SearXNG instances, but there is no corresponding declaration of network capability or permission boundary in the skill metadata. This creates a transparency and policy-enforcement gap: users or orchestrators may invoke a networked skill without realizing queries are sent off-device to third parties.

Vague Triggers

Medium
Confidence
87% confidence
Finding
The trigger language is very broad: it suggests using the skill for generic requests like 'look up Y' or 'find information about Z,' which overlap with common assistant behavior. Over-broad routing can cause unintended activation, sending sensitive or unnecessary user content to an external search service when a local response would have sufficed.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The markdown repeatedly instructs use of public SearXNG instances and describes sending arbitrary user queries externally, but it does not clearly warn that user text leaves the local environment. Because searches may include sensitive topics, identifiers, or proprietary content, this omission creates a real privacy and data-handling risk.

VirusTotal

67/67 vendors flagged this skill as clean.

View on VirusTotal