Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
smart-research
v1.0.0 Multi-engine search + multi-level fallback fetching + structured research results. No API key required; one command completes search + fetch + merge.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
Capability signals
These labels describe what authority the skill may exercise. They are separate from suspicious or malicious moderation verdicts.
Platform: OpenClaw
Verdict: Suspicious (medium confidence)
Purpose & Capability
Name/description match the code: the package implements multi-engine search and a multi-stage fetch fallback chain. However there are oddities: the SKILL.md Execution block references script_path: scripts/smart_research.py but the manifest contains smart_research.py at the repository root (path mismatch). The metadata requires a binary named 'uv' (and SKILL.md uses 'uv pip install'), which is a nonstandard wrapper and may not be present on user systems — this is unusual but plausibly needed by the author's environment. Dependency/version lists differ between SKILL.md and requirements.txt (e.g. baidusearch and crawl4ai versions), which is inconsistent and may break installs.
Instruction Scope
The runtime instructions and code use multiple external fetch services (crawl4ai, r.jina.ai/Jina Reader, markdown.new, defuddle, Playwright). That implies the skill will send target URLs (and potentially page content) to third-party services during fetching. This contradicts repeated "privacy-first / no data collection / local execution" claims in the README/SKILL.md. Fetching arbitrary URLs is expected for this tool, but the use of external remote extractors means user content or target URLs can be transmitted off-device — the SKILL.md does not clearly state this data flow.
Install Mechanism
No formal install spec is present in the registry entry despite code files and an Execution YAML in SKILL.md listing dependencies. The SKILL.md expects use of a nonstandard 'uv' command to install packages (e.g. 'uv pip install --system -r requirements.txt'); requiring the 'uv' binary and its usage is unusual and may hide platform-specific behavior. There is no download-from-URL or archive-extract risk in the manifest, but the mismatch between declared dependencies in SKILL.md and requirements.txt (different package names/versions) is a practical installation risk.
Credentials
The skill does not request credentials and declares no required env vars (primaryEnv none). SKILL.md documents optional environment variables (HTTP_PROXY, HTTPS_PROXY, TIMEOUT, PLAYWRIGHT_HEADLESS), which are reasonable for a networked fetcher. No secret-exfiltration patterns were declared, but the skill will perform network requests to third-party services — users should treat that as potential data exposure.
Persistence & Privilege
'always' is false and the skill does not request elevated or persistent platform privileges. It does not modify other skills' configs per the provided files. Autonomous invocation is allowed (the default), which is normal and not flagged on its own.
What to consider before installing
This skill implements the advertised search+fetch features, but several red flags merit caution:
(1) SKILL.md claims "local execution / no data collection" while the fetch fallback uses external services (r.jina.ai, crawl4ai, markdown.new, defuddle) — those requests will expose target URLs and possibly page contents to those services; verify you are comfortable with that data flow before using it on private/internal URLs.
(2) The Execution block references scripts/smart_research.py but the repository manifest shows smart_research.py at the root — fix the script_path or adjust how you invoke it.
(3) The skill expects a nonstandard binary 'uv' and uses 'uv pip' in docs; ensure you understand what 'uv' is and trust it before running install commands.
(4) Dependency/version inconsistencies between SKILL.md and requirements.txt may cause installation/runtime errors.
Recommended steps: review the fetcher implementations (how and when they call external endpoints), run the code in a sandboxed environment or behind a proxy, validate and pin the dependencies you will install, and avoid feeding private/internal URLs to this skill unless you have explicitly audited the remote services it uses.
Runtime requirements
🔍 Clawdis
Bins: python3, uv
