search-x
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: User-supplied search queries are directly interpolated into the system prompt for the Grok model in scripts/search.js. This allows for potential direct prompt injection. Additionally, the skill has an indirect prompt injection surface when processing tweet content. (Ingestion points: api.x.ai response content in scripts/search.js; Boundary markers: None; Capability inventory: Console output; Sanitization: None)
- [DATA_EXFILTRATION]: The script reads ~/.clawdbot/clawdbot.json to retrieve API keys. This is the intended configuration path for the OpenClaw environment, though it involves accessing a file in the user's home directory that may contain sensitive data.
- [EXTERNAL_DOWNLOADS]: The skill communicates with the official api.x.ai endpoint to perform searches, which is a well-known and expected service for this utility.
Audit Metadata