free-web-search
Security checks across malware telemetry and agentic risk
Overview
This search skill mostly matches its stated purpose, but it can install browser tooling outside the declared install flow and runs an anti-detection browser with weakened security settings.
Install or run this only in an isolated environment you are comfortable modifying. Review the dependency installation behavior, be aware it uses stealth browser automation to scrape pages, and treat fetched webpage text as untrusted content.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Invoking the search tool on a system without its dependencies may change the local environment by installing packages and browser components.
The script contains a runtime installer path that can modify the Python environment and download a browser dependency, while the supplied registry metadata declares no install spec.
subprocess.run([sys.executable, "-m", "pip", "install", "-q", "playwright", "--break-system-packages"]); subprocess.run([sys.executable, "-m", "playwright", "install", "chromium"])
Declare this as an install step, pin dependencies, avoid runtime auto-installation, and require explicit user approval before installing packages or browser binaries.
A malicious webpage could have a larger attack surface than it would in a normally sandboxed browser session.
The browser used to visit search engines and target webpages is launched with security-reducing flags, increasing exposure when loading untrusted web content.
'--no-sandbox', '--disable-web-security', '--allow-running-insecure-content'
Run this skill in an isolated environment, remove unnecessary browser security-disabling flags, and prefer safer HTTP fetching where possible.
Use may violate some websites' automation rules or cause IP blocking, even though it is aligned with the stated web-search function.
The skill openly advertises anti-bot/anti-scraping evasion as part of its search and page-fetching behavior.
Anti-scraping detection bypass: multi-layer anti-detection measures (stealth.js)
Use only where automated access is allowed and keep throttling and site exclusions enabled.
Future dependency changes or a compromised package source could affect what gets installed.
The setup script downloads unpinned Python packages and a browser binary, which is expected for Playwright but lacks version pinning or integrity checks.
$PIP install httpx beautifulsoup4 playwright $PIP_ARGS
playwright install chromium
Pin package versions, use a lockfile or hashes, and document the trusted package index and browser source.
A webpage could include text that tries to mislead the agent if the agent treats fetched content as instructions instead of data.
The skill can return full text from arbitrary webpages into the agent context, and that text may contain untrusted instructions or prompt-injection content.
`full` | integer | Fetch the full page text of the first N results | 0 | 0-5
Treat search results and fetched page text as untrusted reference material, not as instructions to follow.
