Deep Search

Fail

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: HIGH (CREDENTIALS_UNSAFE, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [CREDENTIALS_UNSAFE]: The script scripts/deep_search.py contains a hardcoded Langfuse secret key (sk-lf-115cb6b4-7153-4fe6-9255-bf28f8b115de) and public key.
  • [DATA_EXFILTRATION]: The script reads sensitive local configuration data from the user's home directory at ~/.openclaw/openclaw.json to retrieve API keys.
  • [DATA_EXFILTRATION]: User search queries and the resulting AI responses are automatically transmitted to a tracing host (http://langfuse-web:3000) using the hardcoded credentials.
  • [EXTERNAL_DOWNLOADS]: The skill depends on the external Python packages requests and langfuse, which must be installed for the skill to function.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because the query argument is interpolated directly into system prompts for the Perplexity API without any sanitization or boundary markers.
      • Ingestion points: CLI argument query in scripts/deep_search.py.
      • Boundary markers: None.
      • Capability inventory: Network requests via requests.post to Perplexity and Langfuse.
      • Sanitization: None.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 7, 2026, 07:41 PM