Skill v0.1.1
ClawScan security
Google Serper Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Suspicious · Mar 11, 2026, 9:27 AM
- Verdict: suspicious
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is overall consistent with a Serper-based web/image search, but its registry metadata omits the required SERPER_API_KEY and the SKILL.md/README expect that API secret — this mismatch and minor oddities warrant caution before installing.
- Guidance: Before installing or enabling this skill:
  1. Be aware the included script requires an API key (SERPER_API_KEY) and will send it to https://google.serper.dev; only use a key you trust to be used this way.
  2. The skill's registry metadata does not declare this required env var or primary credential; ask the publisher to correct the metadata (primaryEnv should be SERPER_API_KEY).
  3. Running the script via the Bash tool exposes the environment to the subprocess and may cause the API key to appear in logs or outputs; avoid using high-privilege or shared keys if you enable it.
  4. Confirm you trust the Serper service and that its terms/privacy are acceptable.
  5. If you want stronger assurance, request that the publisher provide an updated manifest that explicitly lists SERPER_API_KEY as required and documents data handling (what is sent to the API and what the skill stores or returns).
Review Dimensions
- Purpose & Capability (note): The name, README, SKILL.md, and script all align: the skill calls the Serper API to perform web and image searches. However, the declared registry metadata lists no required environment variables or primary credential, while the code and README clearly expect a SERPER_API_KEY environment variable. That omission is inconsistent and should have been declared as the primary credential.
- Instruction Scope (ok): SKILL.md instructs the agent to run the included Python script via the Bash tool and to parse/format JSON results. The instructions do not ask the agent to read unrelated files or system secrets. The only runtime data required by the script is the SERPER_API_KEY environment variable, which SKILL.md/README mention, though SKILL.md could be clearer about needing that env var when run via the Bash tool.
- Install Mechanism (ok): This is an instruction-only skill with no install spec; it includes a small Python script that performs HTTP POST requests. No installers, downloads from unknown servers, or archive extraction are present. Risk from installation is low.
- Credentials (concern): The script requires a SERPER_API_KEY (sent in the X-API-KEY header to https://google.serper.dev). The registry metadata did not declare this required env var or a primary credential. That mismatch reduces transparency and could lead to accidental exposure of an API key (e.g., if the agent logs command output). No other unrelated credentials are requested.
- Persistence & Privilege (ok): The skill does not request always:true and does not modify system or other skills' configs. It has normal invocation privileges (the agent may call it autonomously), which is expected for a search skill.
