ClawHub

Skylar Serper

Security checks across malware telemetry and agentic risk

Overview

This skill is a small Serper.dev search wrapper that does what it claims, but users should remember that their search terms go to an external service.

Before installing, use a Serper.dev API key you are comfortable exposing to this tool and avoid putting secrets, personal data, proprietary project details, or confidential prompts into search queries.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
85% confidence
Finding
The description is broad enough that the skill could be invoked for generic research or information-seeking requests without clearly signaling that user queries will be sent to a third-party search provider. That can cause unintentional external data disclosure, especially if an agent includes sensitive user text in search queries during normal research workflows. The risk is contextual but real because the skill is explicitly designed for arbitrary web search.

Missing User Warnings

Medium
Confidence
97% confidence
Finding
The documentation does not warn users that submitted search terms are transmitted to Serper.dev, an external service. This omission can lead to privacy and confidentiality issues if users or upstream agents pass sensitive prompts, proprietary terms, or personal data into the search query. Because the core function of the skill is external search, transparency about data egress is important.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
This tool sends the user-provided search query to the external Serper service, which is a real data-exposure concern because queries may contain sensitive user, enterprise, or task context. In a search skill this behavior is functionally expected, but the code provides no disclosure, consent gate, or filtering/redaction before transmission, so sensitive prompts could be unintentionally shared with a third party.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal