Baidu Search

Security checks across malware telemetry and agentic risk

Overview

This skill does what it says: it sends search queries to Baidu using a user-provided API key, with privacy and quota considerations but no hidden persistence or destructive behavior.

Install only if you are comfortable sending search terms to Baidu and using a Baidu Qianfan API key that may consume quota or incur billing. Avoid searching for secrets, tokens, private customer data, or regulated personal information, and review the proxy-disabling behavior if your environment relies on proxy routing or monitoring.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
84% confidence
Finding
The skill requires access to environment variables and makes outbound network requests, but it does not explicitly declare corresponding permissions in a permission model. This creates a transparency and governance gap: users or hosting platforms may not realize the skill can read secrets such as BAIDU_API_KEY and contact external services, which can weaken review and containment.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The script sends user-supplied search queries directly to Baidu's external web search API, which can expose sensitive prompts, internal identifiers, or confidential data if users unknowingly include them. In an agent skill context, this is more concerning because agent-generated queries may contain workspace or task-derived data, and the code provides no disclosure, consent check, redaction, or policy guard before transmission.

VirusTotal

58/58 vendors flagged this skill as clean.
