Ollama Web Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Ollama web search/fetch wrapper; the main things to notice are that it uses your Ollama API key, sends queries or URLs to Ollama, and returns untrusted web content.

Before installing, confirm you are comfortable sending search queries and fetch URLs to Ollama under your API key. Avoid using the tool with secret-bearing URLs or sensitive private text, and treat returned webpages as untrusted content rather than instructions.

VirusTotal

VirusTotal findings are pending for this skill version.


Risk analysis

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

ASI02: Tool Misuse and Exploitation
Info
What this means

Search terms and requested URLs are sent to Ollama when the tool is used.

Why it was flagged

The local shell tool makes outbound API requests using user-provided search or fetch inputs. The endpoints are fixed to Ollama and the behavior matches the skill purpose.

Skill content

curl -s -o "$TEMP_DIR/response.txt" ... -X POST "https://ollama.com/api/web_search" ... -d "$JSON_PAYLOAD"

Recommendation

Use it for intended web search/fetch tasks and avoid submitting private URLs, tokens in query strings, or sensitive text as search queries.

ASI03: Identity and Privilege Abuse
Low
What this means

Requests made through the skill are authorized with your Ollama account API key.

Why it was flagged

The script uses the required Ollama API key as a bearer credential for Ollama web search and fetch endpoints. This is disclosed and purpose-aligned.

Skill content

--header "Authorization: Bearer $OLLAMA_API_KEY"

Recommendation

Use an API key you are comfortable dedicating to this integration, keep it out of prompts and logs, and revoke or rotate it if exposed.

ASI06: Memory and Context Poisoning
Low
What this means

A fetched page could include text that attempts to influence the agent or mislead the user.

Why it was flagged

Fetched webpage content and links are printed back into the agent/user context. External web content can contain misleading text or prompt-injection style instructions.

Skill content

print(content[:2000]) ... for link in links[:10]: print(f"  - {link}")

Recommendation

Treat returned web content as untrusted reference material, not as instructions for the agent to follow.