Openclaw Cn Baidu Search (百度搜索)

Pass

Audited by ClawScan on May 1, 2026.

Overview

This appears to be a coherent Baidu web-search proxy with expected API-key and network use, with ordinary privacy and local-service hardening notes.

Install if you are comfortable providing a Baidu API key and having search queries sent to Baidu. Keep the service on 127.0.0.1, do not expose port 8001 unless you add protections, and stop any background server when finished.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Installing and running the skill lets it use your Baidu API key and associated quota for search requests.

Why it was flagged

The skill reads the user's Baidu API key from the environment and sends it as a bearer credential to Baidu.

Skill content

api_key = os.getenv("BAIDU_API_KEY") ... "Authorization": f"Bearer {api_key}"

Recommendation

Use a Baidu API key scoped for this purpose if available, monitor usage, and rotate the key if you uninstall or no longer trust the skill.

What this means

Search terms may contain private or sensitive information and will be disclosed to Baidu as part of normal operation.

Why it was flagged

The implementation places the user's search query into the request body sent to Baidu's external AI search endpoint.

Skill content

BAIDU_API_URL = "https://qianfan.baidubce.com/v2/ai_search/web_search" ... "content": request.query

Recommendation

Avoid sending confidential queries unless you are comfortable with Baidu receiving them, and review Baidu's API/privacy terms.

What this means

If run through this entry point on an exposed machine, other network clients could reach the unauthenticated search endpoint and consume API quota.

Why it was flagged

The direct script entry point listens on all network interfaces, while the documented commands generally bind to 127.0.0.1.

Skill content

uvicorn.run("baidu_search.main:app", host="0.0.0.0", port=8001)

Recommendation

Run the service bound to 127.0.0.1 as documented, or protect port 8001 with firewalling/authentication if exposing it is intentional.

What this means

The search service may keep running until stopped, continuing to accept local requests and use the configured API key.

Why it was flagged

The documentation shows an optional background run command for the local service.

Skill content

PYTHONPATH=src .venv/bin/python -m uvicorn baidu_search.main:app --host 127.0.0.1 --port 8001 &

Recommendation

Start it only when needed and stop the background process when you are done.