Aliyun Web Search

Rating: Warn. Audited by ClawScan on May 10, 2026.

Overview

The skill does what it says—Aliyun web search—but its examples use plain HTTP while the script sends a bearer API key, which could expose the key.

Install only if you are comfortable using an Aliyun API key and sending search queries to Aliyun. Before enabling it, configure an official HTTPS Aliyun endpoint if possible, protect the API key in your OpenClaw configuration, and avoid searching for sensitive private information.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

If the HTTP endpoint is used, the Aliyun API key could be exposed to network observers or intercepted, allowing unauthorized use of the user's Aliyun search service.

Why it was flagged

The script sends the Aliyun API key as a bearer token to the configured host. SKILL.md examples configure that host with plain http:// Aliyun URLs, so following the documented setup could transmit the credential without TLS.

Skill content

    BASE_URL="${ALIYUN_SEARCH_HOST:-}"
    ...
    curl -s -X POST "$URL" \
      -H "Content-Type: application/json" \
      -H "Authorization: Bearer $API_KEY"

Recommendation

Use an HTTPS Aliyun endpoint if available, verify the host is the official Aliyun service for the intended region, and rotate the API key if it has been used over plain HTTP.

What this means

Search terms, and any sensitive context included in the query, may be sent to Aliyun.

Why it was flagged

The skill sends the user's search query to the configured Aliyun search service. This is expected for a web search integration, but users should understand that query text leaves the local agent.

Skill content

    "query": "$QUERY",
    ...
    curl -s -X POST "$URL" ... -d "$BODY"

Recommendation

Avoid putting secrets, private documents, or confidential conversation details into search queries unless you are comfortable sending them to the configured Aliyun service.

What this means

Users have less external provenance information for verifying the skill's origin or updates.

Why it was flagged

The registry information provides no source repository or homepage. The included code is small and reviewable, so this is a provenance note rather than a standalone concern.

Skill content

    Source: unknown
    Homepage: none

Recommendation

Review the included script before use and prefer installing from a known, maintained source when available.