Aliyun Web Search

Security checks across malware telemetry and agentic risk

Overview

This Aliyun search skill mostly does what it says, but its setup examples can expose the API key more widely than this one skill or send it over plaintext HTTP, so review it before installing.

Install only if you are comfortable sending search queries, and any conversation context the agent attaches to them, to Aliyun. Scope the API key to this skill alone if OpenClaw supports that, use an HTTPS Aliyun endpoint, verify the endpoint host before use, do not copy the realistic-looking example secret from the documentation, and rotate the key if it may have been exposed.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Severity: Medium
Confidence: 92%
Finding
The documentation says the skill supports searching with conversation context, which implies user prompts and possibly earlier messages are sent to Aliyun, but it gives no privacy warning or consent guidance. Users may therefore disclose sensitive personal data, internal prompts, or confidential business information to a third-party service without understanding that it leaves the agent.

Ssd 3

Severity: Medium
Confidence: 95%
Finding
The example configuration includes a value formatted like a real API key (`OS-0fw5937ch3u5eegd`) instead of an obvious placeholder. Even if it is only illustrative, publishing realistic-looking secrets normalizes hardcoding credentials in plaintext config and risks accidental reuse, secret-scanner alerts, or real exposure if the token is valid.
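The two cautions in this review, that the endpoint should be HTTPS on an expected Aliyun host and that a realistic-looking key in a config should be treated as a leak, can be checked mechanically before installing. The following Python is an added example written for this review; it is not code from the skill, from OpenClaw, or from SkillSpector. It assumes an env-style KEY=VALUE config using the variable names ALIYUN_SEARCH_ENDPOINT and ALIYUN_API_KEY and an expected host suffix of .aliyuncs.com; both sample configs are constructed, and the risky one reuses the realistic-looking value the finding above calls out.

```python
"""Pre-install review of an Aliyun search skill config (added example).

Not code from the skill, OpenClaw, or SkillSpector. The KEY=VALUE format,
the variable names and the expected host suffix are assumptions.
"""
import re
from urllib.parse import urlsplit

# Constructed sample configs in the assumed KEY=VALUE form.
SAMPLE_CONFIG_RISKY = """\
# plaintext endpoint on an unexpected host, realistic-looking key
ALIYUN_SEARCH_ENDPOINT=http://search.example-aliyun.com/v1/search
ALIYUN_API_KEY=OS-0fw5937ch3u5eegd
"""
SAMPLE_CONFIG_SAFE = """\
ALIYUN_SEARCH_ENDPOINT=https://opensearch.cn-hangzhou.aliyuncs.com/v1/search
ALIYUN_API_KEY=<your-api-key>
"""

# Values that cannot be real credentials: <...>, ${...}, YOUR_API_KEY, xxx, etc.
PLACEHOLDER_RE = re.compile(
    r"^(<[^>]+>|\$\{[^}]+\}|your[-_]?api[-_]?key|xxx+|changeme|todo)$",
    re.IGNORECASE,
)
# Assumed allowlist: the host must sit under this Aliyun domain suffix.
EXPECTED_HOST_SUFFIX = ".aliyuncs.com"


def parse_env(text):
    """Parse KEY=VALUE lines into a dict, ignoring blanks and # comments."""
    cfg = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, _, value = line.partition("=")
        cfg[key.strip()] = value.strip().strip('"').strip("'")
    return cfg


def looks_like_real_secret(value):
    """True when a value resembles a real key rather than an obvious placeholder."""
    if not value or PLACEHOLDER_RE.match(value):
        return False
    # Heuristic: a realistic token is reasonably long and mixes letters and digits.
    return bool(
        len(value) >= 12
        and re.search(r"[A-Za-z]", value)
        and re.search(r"\d", value)
    )


def review_config(text, expected_host_suffix=EXPECTED_HOST_SUFFIX):
    """Return a list of human-readable findings; an empty list means no issues."""
    cfg = parse_env(text)
    findings = []

    endpoint = cfg.get("ALIYUN_SEARCH_ENDPOINT", "")
    parts = urlsplit(endpoint)
    if parts.scheme != "https":
        findings.append(
            "endpoint is not HTTPS: queries and the API key travel in plaintext"
        )
    host = parts.hostname or ""
    if not host.endswith(expected_host_suffix):
        findings.append(
            f"endpoint host {host!r} is outside the expected suffix "
            f"{expected_host_suffix!r}; verify it before use"
        )

    key = cfg.get("ALIYUN_API_KEY", "")
    if looks_like_real_secret(key):
        findings.append(
            "ALIYUN_API_KEY holds a realistic-looking value rather than a "
            "placeholder; treat it as exposed and rotate it"
        )
    return findings


if __name__ == "__main__":
    for name, sample in (("risky", SAMPLE_CONFIG_RISKY), ("safe", SAMPLE_CONFIG_SAFE)):
        print(f"{name}: {review_config(sample) or ['no findings']}")
```

The host allowlist is deliberately a suffix match on the parsed hostname, not a substring search on the whole URL, so a lookalike such as `aliyuncs.com.evil.example` or a hostname embedded in the path does not pass. Adjust EXPECTED_HOST_SUFFIX to whatever endpoint the skill's documentation actually names.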

VirusTotal

45/45 vendors reported this skill as clean (no detections).
