baidu-web-search

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed web-search skill that sends search queries to SkillBoss using a configured API key. The main privacy caveat is that its auto-activation wording is broad, so it may be invoked more often than a live web lookup is actually needed.

Install only if you trust SkillBoss with your search queries and API key. Configure the key through private skill settings where possible, avoid searching for secrets or sensitive personal data, and use the skill only when live web lookup is actually needed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Severity: Medium
Confidence: 87%
Finding:
The README describes activation conditions in very broad terms, including generic phrases like "verify facts" and common Chinese expressions such as "查一下" and "搜一下." In an agent environment, this can cause the skill to trigger for many ordinary requests, increasing the chance of unnecessary web access, unintended tool invocation, and expansion of the model's attack surface through untrusted remote content.

Vague Triggers

Severity: Medium
Confidence: 86%
Finding:
The description instructs activation on very broad phrases such as “查一下”, “搜一下”, “最近”, “今天”, and “今年”, which are common in normal conversation and not inherently tied to web access. In an agentic environment, this can cause unintended invocation of an external-search skill, leading to unnecessary data transmission, tool overuse, and potential privacy leakage from queries that should have been handled locally.

Vague Triggers

Severity: Medium
Confidence: 90%
Finding:
The "何时使用" section repeats broad and ambiguous triggers, including everyday phrases and open-ended categories like events, people, products, or places that "need verification." Because this skill performs real-time web retrieval, overbroad routing increases the chance that routine prompts are sent to an external service without sufficient necessity, which can expose sensitive user context and create avoidable dependency on remote content.

VirusTotal

66/66 vendors flagged this skill as clean.