ClawHub
Back to skill

Security audit

proxy-web-search

Security checks across malware telemetry and agentic risk

Overview

This skill is a small, disclosed web-search wrapper that sends search requests to a user-configured OpenClaw Manager proxy.

Install only if you trust the OpenClaw Manager proxy set in WEB_SEARCH_PROXY_URL. Avoid putting secrets, private personal data, or sensitive internal prompts into search queries, since query text will be sent to that proxy and potentially onward to search providers.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The script transmits the user's raw search query and related parameters to an external proxy service without any explicit user-facing notice, consent step, or validation of the destination. In a search skill, this is expected functionality, but it still creates a real privacy and data-handling risk because users may assume queries go directly to a search provider rather than through an intermediate proxy controlled by another party.

External Transmission

Medium
Category
Data Exfiltration
Content
# Build JSON payload
PAYLOAD="{\"search_query\": \"$SAFE_QUERY\", \"search_engine\": \"$ENGINE\", \"search_intent\": $INTENT, \"count\": $COUNT, \"search_recency_filter\": \"$RECENCY\"}"

# Execute cURL request to Web Search Proxy (no auth needed)
curl -s --request POST \
  --url "${PROXY_URL}/" \
  --header "Content-Type: application/json" \
Confidence
93% confidence
Finding
cURL request to Web Search Proxy (no auth needed) curl -s --request POST \ --url "${PROXY_URL}/" \ --header "Content-Type: application/json" \ --data

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.