glm-web-search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward GLM web-search skill, with expected API-key setup and external search calls, but users should protect the stored key and avoid sensitive queries.

Install only if you are comfortable providing a GLM/BigModel API key, storing it in local OpenClaw configuration, and sending search terms to the GLM web-search service. Prefer a limited-use key, restrict the config file permissions, rotate/delete the key when no longer needed, and avoid searching highly sensitive personal or proprietary text through this skill.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue Agent: Self-Modification, Session Persistence
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (4)

Intent-Code Divergence

Medium
Confidence
98% confidence
Finding
The skill states authentication should use a Bearer token in the Authorization header, but the operational example configures the server URL with the API key embedded in the query string. Putting secrets in URLs is dangerous because they are commonly exposed via shell history, process listings, logs, config files, monitoring systems, and proxy/referrer handling, increasing the chance of credential leakage.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill instructs the agent to solicit, handle, and persist a user's API key to a local file without clearly warning that the credential is sensitive or that it will remain stored on disk. This can lead to accidental disclosure, insecure retention, or reuse of the credential in environments where local files are accessible to other users, tools, backups, or logs.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The skill directs the agent to send search queries to an external GLM web search service but does not warn users that their prompts and related data will leave the local environment. This is dangerous because users may unknowingly transmit sensitive, proprietary, or personal information to a third-party service under the assumption the request is handled locally.

Session Persistence

Medium
Category
Rogue Agent
Content
#### 3.3 Save the API Key

```bash
mkdir -p ~/.openclaw/config
cat > ~/.openclaw/config/glm.json << EOF
{
  "api_key": "API密钥"
```
Confidence
95% confidence
Finding
mkdir -p ~/.openclaw/config cat > ~/.openclaw

VirusTotal

66/66 vendors flagged this skill as clean.
