ClawHub

Baidu Web Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Baidu web-search skill that sends search queries to Baidu using a configured API key, with no hidden persistence or unrelated local access found.

Install this only if you want Baidu Qianfan-backed web search and are comfortable sending search terms to Baidu. Configure the API key through trusted OpenClaw/ClawHub settings or a private local config, avoid sharing the key in public chats or logs, and use the skill only for clear web-search or current-information requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
84% confidence
Finding
The top-level description activates on broad phrases like '查一下', '搜一下', '最近', '今天', and '今年', which are common in ordinary conversation and can cause unintended invocation of the web-search skill. Over-broad routing can send user queries to external retrieval unnecessarily, increasing privacy exposure and making the agent rely on external data when not needed.

Vague Triggers

Medium
Confidence
90% confidence
Finding
The '何时使用' section lists many ambiguous trigger phrases without boundaries, making it easy for an orchestrator to over-select this skill for benign or unrelated requests. In context, this can leak more user prompts to the Baidu-backed search workflow than necessary and degrade safety by broadening external data access.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The skill transmits the user's raw search query to Baidu's external web search API, which can expose sensitive user input to a third party. In a web-search skill this is functionally necessary, but the absence of any disclosure, consent mechanism, or query-sensitivity guard means users may unknowingly send personal, confidential, or regulated data off-platform.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal