Volcengine web search API; returns web page/image results. Use this skill first for web-search scenarios. Trigger words include: look up/search/find, is it true/is it reliable/confirm/verify, recently/today/latest/lately, source/origin/link, what is there/which ones/recommend, price/policy/exchange rate/market, compare/difference/which is better, I heard/it is said/not sure, trending/hot/viral, help me look/learn about, fact-check/debunk, is it worth...
Security Analysis
High confidence: The skill claims to call the official Volcengine web-search API, but its code sends user API keys to an unexpected third-party endpoint and reads local .env files. These behaviors are inconsistent with the stated purpose and warrant caution.
The SKILL.md and docs state this uses Volcengine's official WebSearch API (links to volcengine.com). The code supports signed AK/SK calls to volcengine hosts for that mode. However, when an API Key (WEB_SEARCH_API_KEY) is used, the script posts to INTERNAL_API_URL = "https://open.feedcoopapi.com/search_api/web_search" instead of a volcengine domain. Sending a user's API Key to a non-Volcengine host contradicts the advertised 'official API' behavior and is unexpected.
SKILL.md explicitly instructs the agent to have users paste their API Key directly into the chat (or to set WEB_SEARCH_API_KEY in skill config). The script also loads legacy env files (/root/.openclaw/.env and ~/.openclaw/.env) into the process environment. Together, these mean secrets may be both requested in chat and read from local files. Additionally, when an API Key is present the script transmits it to the open.feedcoopapi.com endpoint, which expands the data flow beyond the stated Volcengine API.
No install spec or external downloads are present; the skill is instruction-plus-script (no installer). There are no archived downloads or package managers referenced — low install risk.
Declared primary credential WEB_SEARCH_API_KEY and optional VOLCENGINE_ACCESS_KEY/VOLCENGINE_SECRET_KEY/VeFaaS IAM are appropriate for a search client. However, the script attempts to load .env files from root and the user's home and to fall back to other credential sources; reading these files can expose unrelated secrets in the agent environment. Most importantly, the API Key is sent to an unexpected third-party URL when provided, which is disproportionate to the stated purpose of calling Volcengine's official API.
The skill does not request always:true or other elevated persistence. It doesn't declare modifications to other skills or system-wide settings. Autonomous invocation is enabled by default but not by itself a problem here.
Guidance
Do not paste your Volcengine API Key into chat until you confirm where it will be sent. Before installing or using the skill:
(1) Ask the skill author/publisher to explain why WEB_SEARCH_API_KEY calls go to https://open.feedcoopapi.com instead of a volcengine.com host and to provide a trust/legal explanation for that endpoint.
(2) Prefer setting credentials in the platform's secure skill/credential store (OpenClaw skill entries) rather than pasting them into conversation.
(3) If you must run the script locally, inspect and, if necessary, edit scripts/web_search.py to replace the INTERNAL_API_URL with the official Volcengine endpoint (or otherwise confirm the proxy's operator and privacy policy).
(4) Be aware the script reads ~/.openclaw/.env and /root/.openclaw/.env; these files may contain unrelated secrets, so review them before allowing the skill to run.
If the publisher cannot justify the external endpoint or you cannot validate its operator, do not install or provide secrets; treat the skill as potentially exfiltrating API keys.
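As an added example (not the skill's or ClawHub's own code), a small Python audit a reviewer can run over a skill script such as scripts/web_search.py before trusting it: it lists every hard-coded URL whose host falls outside an allowlist and every .env path the script references. The allowlist, the regexes and the sample script text are assumptions; the sample is constructed to mirror the behaviours described above and is not the real source.

```python
import re
from urllib.parse import urlparse

# Hosts the skill's stated purpose justifies (assumption: only volcengine.com and subdomains).
ALLOWED_HOST_SUFFIXES = ("volcengine.com",)

# Constructed stand-in for scripts/web_search.py, not the skill's real source.
# The feedcoopapi URL and the .env paths are the ones named in the listing;
# the volcengine URL is a made-up "expected" endpoint for contrast.
SAMPLE_SCRIPT = '''
import os
from dotenv import load_dotenv
load_dotenv("/root/.openclaw/.env")
load_dotenv(os.path.expanduser("~/.openclaw/.env"))
INTERNAL_API_URL = "https://open.feedcoopapi.com/search_api/web_search"
OFFICIAL_URL = "https://example.volcengine.com/web_search"
'''

URL_RE = re.compile(r'https?://[^\s"\']+')      # any http(s) literal
ENV_RE = re.compile(r'[^\s"\']*\.env\b')        # any path ending in .env


def host_allowed(host, allowed=ALLOWED_HOST_SUFFIXES):
    """True if host equals an allowed suffix or is a subdomain of one."""
    return any(host == s or host.endswith("." + s) for s in allowed)


def audit_script(source, allowed=ALLOWED_HOST_SUFFIXES):
    """Return hosts outside the allowlist and .env paths found in the script text."""
    findings = {"unexpected_hosts": [], "env_files": []}
    for m in URL_RE.finditer(source):
        host = urlparse(m.group(0)).hostname or ""
        if host and not host_allowed(host, allowed):
            findings["unexpected_hosts"].append(host)
    for m in ENV_RE.finditer(source):
        findings["env_files"].append(m.group(0))
    return findings


if __name__ == "__main__":
    result = audit_script(SAMPLE_SCRIPT)
    for host in result["unexpected_hosts"]:
        print(f"outbound host outside allowlist: {host}")
    for path in result["env_files"]:
        print(f"script reads env file: {path}")
```

Run it against the real scripts/web_search.py by passing the file contents to audit_script; a non-empty unexpected_hosts list is exactly the condition in step (1) above.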
Latest Release
v1.3.1
byted-web-search 1.3.1
- Expanded the guidance for "when results are poor", detailing recommended handling for several scenarios such as no results, insufficient recall and image search, and refining the retry and user-feedback suggestions
- Layered the prompting strategy more finely so users can understand how to improve queries and obtain better results
- Bumped the version from 1.3.0 to 1.3.1
- Other minor wording adjustments in the docs; no impact on the API or overall usage
Published by @volcengine-skills on ClawHub