Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

alphaear-search

v1.0.0

Perform finance web searches and local context searches. Use when the user needs general finance info from the web (Jina/DDG/Baidu) or needs to retrieve fina...

0· 44·1 current·1 all-time
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotal
Benign
OpenClaw
Suspicious
high confidence
Purpose & Capability
Name/description (finance web + local RAG search) is broadly consistent with the code: SearchTools, Jina/DDG/Baidu adapters, and Local RAG exist. However the package also contains sentiment analysis, an LLM factory/router, and model capability tests that go beyond a minimal search helper. Those extra capabilities are plausible for a finance search product (sentiment scoring, LLM-driven summarization), but they increase the runtime footprint and credential needs compared to what's declared in the metadata and SKILL.md.
Instruction Scope
SKILL.md instructs using SearchTools for web/local search but does not mention that runtime code will: perform outbound HTTP requests to multiple external services (Jina, search engines), read many environment variables (various LLM provider keys, JINA_API_KEY, EMBEDDING_MODEL, SEARCH_CACHE_TTL, etc.), download large ML models (transformers / SentenceTransformer when BERT/vector modes are used), and write a local SQLite DB (default path data/signal_flux.db). The instructions do not enumerate those side-effects or the extra modules (sentiment, LLM routing) that may trigger network calls or model downloads.
Install Mechanism
There is no install spec (instruction-only in registry), but the skill bundle includes many Python source files requiring heavy third-party packages (sentence_transformers, transformers, sklearn, rank_bm25, agno.*, duckduckgo-search, etc.). The absence of an install script or declared dependencies means runtime may fail or implicitly perform network downloads (Hugging Face model pulls). This is not an outright malicious install vector, but it's a practical risk and an inconsistency with registry metadata.
Credentials
Registry lists no required env vars, yet the code reads many secrets and config variables (e.g., JINA_API_KEY, UST_KEY_API, DEEPSEEK_API_KEY, DASHSCOPE_API_KEY, OPENROUTER_API_KEY, ZAI_KEY_API, UST_URL, EMBEDDING_MODEL, BERT_SENTIMENT_MODEL, SENTIMENT_MODE, SEARCH_CACHE_TTL). Some are relevant for optional backends, but their presence is not documented in SKILL.md or metadata. That mismatch is a red flag: the skill can use any API key present in the environment to call external LLMs or services.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It creates and writes a local SQLite DB (default data/signal_flux.db) and persists cached search results and daily_news entries; that is expected for a search/cache capability but should be disclosed. Autonomous invocation (disable-model-invocation=false) is the platform default and not by itself a concern.
What to consider before installing
This skill's code does more than a minimal web search helper: it will perform outbound network requests, may call external LLM providers if API keys exist in your environment, can download transformer/embedding models, and will create a local SQLite database. Before installing or enabling it:

- Review and restrict environment variables: do not place high-privilege API keys (cloud credentials, wide-scope LLM keys) in the environment unless you trust the code. Prefer a dedicated, limited-scope key if one is needed.
- Run it in an isolated environment (container/VM) and observe network activity and file writes (the skill writes data/signal_flux.db by default).
- If you only need basic web search, ask the author for a trimmed build that omits the LLM/sentiment/model-router code, or for explicit documentation of all required env vars and Python dependencies.
- Expect large model downloads (transformers / SentenceTransformer) at runtime; they consume bandwidth and storage.
- For extra assurance, request from the publisher: (1) an explicit dependency list or install script, (2) a list of environment variables the skill will read/use, and (3) confirmation that there are no undisclosed external endpoints.

Given that the metadata omits the environment/dependency footprint, treat this skill as suspicious until those gaps are clarified.
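The requests for a list of environment variables the skill reads and for confirmation that it contacts no undisclosed endpoints can be checked mechanically before anything is executed. The following is an added example for reviewers; it is not the skill's code and not a ClawHub tool. It parses each Python file of an unpacked bundle with the standard-library `ast` module and collects literal keys passed to `os.environ[...]`, `os.environ.get(...)` and `os.getenv(...)`, hostnames found in URL string literals, and paths passed to `sqlite3.connect`, and it counts env reads whose key is built at runtime (those can only be flagged, not named). The embedded `SAMPLE_SKILL_SOURCE` module is constructed for illustration and imitates the patterns the scan report describes; `audit_source`, `audit_bundle`, `undeclared` and every host in the sample are the example's own assumptions.

```python
"""Static audit of a Python skill bundle: env vars read, hosts referenced, SQLite files opened.
Added review example; not part of the skill or of ClawHub."""
import ast
import re
from pathlib import Path

# scheme://host ; only the host is reported so the result stays short and comparable
URL_RE = re.compile(r"https?://([A-Za-z0-9.-]+)")


def _is_attr(node, module, name):
    """True for an expression of the form <module>.<name>, e.g. os.environ."""
    return (isinstance(node, ast.Attribute) and node.attr == name
            and isinstance(node.value, ast.Name) and node.value.id == module)


class _Auditor(ast.NodeVisitor):
    def __init__(self):
        self.env_vars = set()
        self.hosts = set()
        self.sqlite_paths = set()
        self.unresolved_env_reads = 0   # key computed at runtime: cannot be enumerated statically

    def _record_env(self, key):
        if isinstance(key, ast.Constant) and isinstance(key.value, str):
            self.env_vars.add(key.value)
        else:
            self.unresolved_env_reads += 1

    def visit_Subscript(self, node):          # os.environ["KEY"]
        if _is_attr(node.value, "os", "environ"):
            key = node.slice
            if isinstance(key, getattr(ast, "Index", ())):   # Python < 3.9 wraps the key
                key = key.value
            self._record_env(key)
        self.generic_visit(node)

    def visit_Call(self, node):               # os.getenv("KEY") / os.environ.get("KEY")
        f = node.func
        is_getenv = _is_attr(f, "os", "getenv")
        is_environ_get = (isinstance(f, ast.Attribute) and f.attr == "get"
                          and _is_attr(f.value, "os", "environ"))
        if (is_getenv or is_environ_get) and node.args:
            self._record_env(node.args[0])
        if _is_attr(f, "sqlite3", "connect") and node.args:   # sqlite3.connect(path)
            p = node.args[0]
            literal = isinstance(p, ast.Constant) and isinstance(p.value, str)
            self.sqlite_paths.add(p.value if literal else "<dynamic>")
        self.generic_visit(node)

    def visit_Constant(self, node):           # any string literal carrying a URL
        if isinstance(node.value, str):
            self.hosts.update(URL_RE.findall(node.value))
        self.generic_visit(node)


def audit_source(src, filename="<skill>"):
    """Audit one module's source text; sorted lists keep results comparable across runs."""
    a = _Auditor()
    a.visit(ast.parse(src, filename=filename))
    return {"env_vars": sorted(a.env_vars), "hosts": sorted(a.hosts),
            "sqlite_paths": sorted(a.sqlite_paths),
            "unresolved_env_reads": a.unresolved_env_reads}


def audit_bundle(root):
    """Audit every .py file under an unpacked skill directory (e.g. the downloaded zip)."""
    merged = {"env_vars": set(), "hosts": set(), "sqlite_paths": set(), "unresolved_env_reads": 0}
    for py in sorted(Path(root).rglob("*.py")):
        r = audit_source(py.read_text(encoding="utf-8", errors="replace"), str(py))
        for k in ("env_vars", "hosts", "sqlite_paths"):
            merged[k].update(r[k])
        merged["unresolved_env_reads"] += r["unresolved_env_reads"]
    return {k: (sorted(v) if isinstance(v, set) else v) for k, v in merged.items()}


def undeclared(found, declared):
    """Names the code reads that the registry metadata / SKILL.md does not declare."""
    return sorted(set(found) - set(declared))


# Constructed stand-in for a skill module: it imitates the patterns the scan report
# describes and is NOT the alphaear-search source. Hosts are placeholders.
SAMPLE_SKILL_SOURCE = '''
import os, sqlite3, requests

JINA_API_KEY = os.environ["JINA_API_KEY"]
EMBED = os.getenv("EMBEDDING_MODEL", "example-embedding-model")
TTL = int(os.environ.get("SEARCH_CACHE_TTL", "3600"))

def provider_key(name):
    # key name built at runtime: a static scan can only flag it, not name it
    return os.getenv(name.upper() + "_API_KEY")

def search(q):
    return requests.get("https://search.example.com/api?q=" + q,
                        headers={"Authorization": JINA_API_KEY})

def summarize(text):
    return requests.post("https://api.example.org/v1/chat", json={"input": text})

def cache():
    return sqlite3.connect("data/signal_flux.db")
'''

if __name__ == "__main__":
    report = audit_source(SAMPLE_SKILL_SOURCE)
    for k, v in report.items():
        print(f"{k}: {v}")
    # compare against what the registry declared (here: nothing)
    print("undeclared env vars:", undeclared(report["env_vars"], []))
```

Run `audit_bundle("path/to/unpacked-skill")` on the real download and diff its `env_vars` against the registry's declared list; a non-zero `unresolved_env_reads` or any host outside the documented services is exactly the kind of gap the report above asks the publisher to close. A static scan cannot see values assembled at runtime or endpoints fetched from config, so it complements, rather than replaces, running the skill in an isolated environment with network and file-write monitoring.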

Like a lobster shell, security has layers — review code before you run it.

latest (vk97bakj8d7r5f7jspcmer0qa85840qg0)
