byted-web-search
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The agent executes
python3 scripts/web_search.pyto interact with the search API. The script uses therequestslibrary for networking to official vendor endpoints. - [DATA_EXFILTRATION]: The skill accesses API keys and access keys from environment variables (
WEB_SEARCH_API_KEY,VOLCENGINE_ACCESS_KEY,VOLCENGINE_SECRET_KEY) and searches for credential files in standard paths like~/.openclaw/.env. These actions are necessary for authenticated API access to the vendor's search service. - [PROMPT_INJECTION]: The instructions include guidance for the agent to prioritize this skill for search-related tasks and provide a broad set of trigger phrases. These are functional instructions to ensure tool utility rather than malicious attempts to bypass safety filters.
Audit Metadata