Back to skill
Skillv1.0.2
ClawScan security
proxy-web-search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
BenignMar 14, 2026, 5:50 AM
- Verdict
- benign
- Confidence
- high
- Model
- gpt-5-mini
- Summary
- The skill's code and instructions match its stated purpose (posting search queries to a configured web-search proxy); the only notable issue is a small metadata mismatch about a required environment variable.
- Guidance
- This skill appears to do exactly what it says: post search queries to a configured proxy. Before installing, verify the WEB_SEARCH_PROXY_URL you will use points to a trusted OpenClaw Manager proxy (not an arbitrary public URL), because that proxy will receive the full query (including any sensitive text) and will handle API keys. Also ask the publisher/registry to fix the metadata mismatch (the script and SKILL.md require WEB_SEARCH_PROXY_URL but the top-level registry summary listed none). Avoid sending passwords, tokens, or other secrets as search queries, and ensure curl is available on your runtime host.
Review Dimensions
- Purpose & Capability
- noteThe skill's name/description (proxy web search) aligns with the included script and SKILL.md: both send JSON search requests to a configured proxy. However, the top-level registry requirements listed in the provided metadata claim no required env vars, while SKILL.md and scripts require WEB_SEARCH_PROXY_URL — this metadata mismatch should be corrected.
- Instruction Scope
- okRuntime instructions and the wrapper script only build a JSON payload from CLI args and POST it to the WEB_SEARCH_PROXY_URL. They do not read other files, credentials, or unrelated env vars, nor do they transmit data to endpoints other than the configured proxy.
- Install Mechanism
- okThere is no install spec (instruction-only with an included convenience script). No packages or remote downloads are performed by the skill itself; risk from installation is minimal.
- Credentials
- noteThe only environment dependency required by the script is WEB_SEARCH_PROXY_URL, which is proportionate for a proxy-based search tool. SKILL.md states the Manager injects API keys from encrypted storage (reasonable). The prior registry summary that listed 'Required env vars: none' is inconsistent with the script and SKILL.md and should be fixed. Also note: queries sent to the proxy will be visible to whoever controls that proxy, so the environment value must point to a trusted Manager instance.
- Persistence & Privilege
- okThe skill does not request always:true, does not modify agent/system configuration, and has no elevated persistence needs. It is user-invocable and can be autonomously invoked (platform default) but that is expected for a search skill.