ClawHub

112131131313131

v1.0.0

Search the web using Baidu AI Search Engine (BDSE). Use for live information, documentation, or research topics.

0· 90·0 current·0 all-time
by燕楠 (Nan Yan)@yannan·duplicate of @bzmtxh/baidu-search-1
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The code, SKILL.md, and required env var (BAIDU_API_KEY) align with the stated purpose (Baidu AI web search). Minor inconsistencies exist in top-level registry metadata (skill name shown to evaluator is '112131131313131', slug/version/ownerId in the registry differ from the _meta.json and SKILL.md which use 'baidu-search'), which is likely bookkeeping/packaging noise but worth verifying the publisher before trusting keys.
Instruction Scope
Runtime instructions only run the included Python script and require BAIDU_API_KEY; the script constructs a search request and posts to Baidu's qianfan API. The SKILL.md and reference guide ask you to place the API key into ~/.openclaw/openclaw.json and restart the gateway — this is within the expected scope. Note: the script prints parsed input and results to stdout, so any sensitive data you pass in the query will appear in logs/output.
Install Mechanism
No install spec is present (instruction-only plus an included script). Required binary is only python3; no downloads or external installers are used. This is low-risk from an installation perspective.
Credentials
Only a single credential (BAIDU_API_KEY) is requested and declared as the primaryEnv. That matches the skill's functionality. The reference instructs storing the API key in the OpenClaw config file (~/.openclaw/openclaw.json) which is typical but stores the key in plaintext — consider secrets management if that is a concern.
Persistence & Privilege
The skill is not always-on and does not request elevated platform privileges. It asks users to update their OpenClaw config and restart the gateway to persist the API key for future runs; this affects only the skill's own config entries and is expected behavior.
Assessment
This skill is coherent with its stated purpose but take the following precautions before installing: 1) Verify the publisher/source (registry metadata and embedded _meta.json differ) to ensure you trust this package. 2) Treat BAIDU_API_KEY as a secret — prefer a secrets manager or restricted file permissions instead of plaintext in ~/.openclaw/openclaw.json. 3) Be aware that queries and results are printed to stdout and may be logged; avoid passing sensitive data as the query. 4) Review network policy and cost implications for calling Baidu's API from your environment. If you need higher assurance, run the script manually in an isolated environment and inspect behavior before adding it to a shared agent.

Like a lobster shell, security has layers — review code before you run it.

latestvk97b526gswemnczq7kspjf2xmd84gfn0

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍︎ Clawdis
Binspython3
EnvBAIDU_API_KEY
Primary envBAIDU_API_KEY

Comments