ClawHub

Ollama Web Search CLI

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Ollama web search and page-fetch wrapper, but users should treat searches and URLs as data sent to Ollama.

Install only if you are comfortable using an Ollama API key and sending search terms or requested URLs to Ollama. Avoid confidential queries, secrets, internal-only URLs, or sensitive personal data, and treat fetched webpage text as untrusted content.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The README instructs users to perform web searches and page fetching via Ollama's API, but it does not clearly disclose that search queries, supplied URLs, and fetched page content may be transmitted to a third-party remote service. This can cause users to unknowingly send sensitive prompts, internal URLs, or proprietary page contents off-host, creating privacy and data-handling risk.

Vague Triggers

Medium
Confidence
82% confidence
Finding
The conversational trigger phrases are broad enough that normal user requests like 'search' or 'fetch this page' could unintentionally activate the skill. Accidental invocation matters here because the skill sends queries and URLs to a remote API, which may disclose user intent or sensitive links without explicit confirmation.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The documentation instructs users to perform web search and fetch through Ollama endpoints, but it does not clearly warn that submitted queries and URLs are sent to a third-party remote service. Users may therefore provide sensitive prompts, internal URLs, or confidential research topics without understanding the data-transfer implications.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal