Zhipu AI Search
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If these permissions are honored, the agent has local Python execution capability while using the skill, so misuse could affect local files or the project environment.
The permission config allows general Python commands through Bash rather than only the specific search_util.py invocation. This is coherent with running the helper script, but broader than the minimum needed for a web-search skill.
"Bash(python:*)", "Bash(python3:*)"
If possible, scope the Bash permission to the exact search_util.py command and remove any unused Write/tool permissions.
Searches may be authenticated, billed, or rate-limited against the user's Zhipu account.
The helper uses a Zhipu API key from the environment and sends it in the Authorization header. This is expected for the stated Web Search API, but users should notice that the registry metadata lists no required credential.
API_KEY = os.getenv("ZHIPUAI_API_KEY", "") ... "Authorization": f"Bearer {API_KEY}"Use an environment variable as documented, avoid hardcoding the key, and consider using a limited or dedicated API key if the provider supports it.
Any sensitive terms included in search queries may be sent to the Zhipu/BigModel service.
The user's search query and parameters are posted to the external BigModel/Zhipu search endpoint. This is clearly aligned with the skill purpose, but it means query text leaves the local environment.
API_URL = "https://open.bigmodel.cn/api/paas/v4/web_search" ... response = httpx.post(API_URL, json=payload, headers=headers, timeout=60)
Avoid searching for confidential secrets or private data unless you are comfortable sending those terms to the provider and have reviewed its terms and pricing.