Is anisafifi/web-search-hub safe?

https://github.com/openclaw/skills/tree/main/skills/anisafifi/web-search-hub

97
SAFE

This is a legitimate web search skill that provides DuckDuckGo search functionality through a clean Python implementation. No malicious behavior, prompt injection attempts, or data exfiltration was detected during analysis.

Category Scores

Prompt Injection 95/100 · 30%
Data Exfiltration 100/100 · 25%
Code Execution 95/100 · 20%
Clone Behavior 100/100 · 10%
Canary Integrity 100/100 · 10%
Behavioral Reasoning 90/100 · 5%

Findings (3)

LOW External Dependency Requirement -5

Skill requires installation of duckduckgo-search library via pip, introducing external dependency risk

LOW OpenClawCLI Prerequisite -5

Skill requires OpenClawCLI installation from external source, though this appears legitimate

INFO Search Query Privacy -10

Search queries will be sent to DuckDuckGo API, potentially exposing search terms