Is 0xjordansg-yolo/openclaw-aisa-search-website-academic-tavily-serp-exa safe?
This skill is a legitimate multi-source search API wrapper for the AIsa search service, providing web, academic, and Tavily search with confidence scoring. The code is clean with no prompt injection, no malicious code execution patterns, and intact canary files. The primary risk is inherent to its function: all search queries and API credentials are sent to a third-party service (api.aisa.one), and the tavily-extract/crawl endpoints accept arbitrary URLs which could be leveraged in multi-skill attack chains.
Category Scores
Findings (5)
LOW All user queries sent to third-party API -8 ▶
Every search operation transmits the user's query text and API key to api.aisa.one. While this is the intended functionality, it means all research queries are shared with a third-party service whose data handling practices are opaque.
LOW Arbitrary URL extraction via tavily endpoints -10 ▶
The tavily-extract and tavily-crawl endpoints accept arbitrary URLs, meaning an agent could be directed to extract or crawl internal/sensitive URLs. The content is proxied through the third-party API, creating a potential SSRF-like vector.
INFO Executable Python script included -10 ▶
The skill includes search_client.py which is intended to be executed via python3. The script uses only standard library modules and contains no dangerous operations (no eval, exec, subprocess, or file system manipulation beyond reading the API key environment variable).
INFO External documentation URLs referenced -5 ▶
SKILL.md references external URLs for API documentation (aisa.mintlify.app) and a reference implementation (github.com/AIsa-team/verity). These are informational links, not instructions for the agent to fetch and execute.
INFO Clean install with no unexpected behavior -5 ▶
The git clone operation showed only expected network traffic (GitHub, DNS, system services). No connections to skill-author infrastructure or unknown endpoints were observed.