Multi-source deep research agent. Searches the web, synthesizes findings, and delivers cited reports. No API keys required.
Security Analysis
medium confidenceThe skill's runtime instructions ask the agent to run absolute-path helper scripts, fetch many web pages with curl, save files, and spawn sub-agents, but the registry metadata does not declare those external script dependencies or config paths — this mismatch and the broad web-fetch behavior merit caution.
The skill claims to be self-contained and requires no credentials, but the SKILL.md explicitly expects a DDG search script at /home/clawdbot/clawd/skills/ddg-search/scripts/ddg and uses other absolute paths. The registry metadata lists no required config paths or binaries, so there's an incoherence between what the skill says it needs and what its runtime instructions actually reference.
Instructions direct the agent to run an external ddg script, perform many web and news searches, fetch the full contents of many URLs via curl, run an inline Python snippet to strip HTML, save reports to the user's home directory, and spawn sub-agents (sessions_spawn). Fetching arbitrary URLs and spawning sub-agents expand the skill's runtime scope and could be used to access internal endpoints or exfiltrate data if the agent environment has such access. The SKILL.md gives broad discretion (15–30 sources, 3–5 deep reads) without constraints on internal hosts or sensitive paths.
This is an instruction-only skill with no install spec or code files to execute; nothing will be written to disk by an installer. That lowers supply-chain risk compared to downloaded archives or NPM installs. However, the runtime depends on external scripts and tools (ddg script, curl, python) being present.
The skill declares no required environment variables or primary credential (consistent with 'no API keys required'), which is appropriate. However, it does require specific filesystem artifacts (the ddg-search script) and uses home-directory paths to save reports — these required config paths were not declared in registry metadata, which is an inconsistency worth noting.
The skill does not request always:true and is user-invocable (normal). It will create directories and write report files under ~/clawd/research/[slug], and its instructions expect the agent to spawn sub-agents. Those are typical for a research tool but increase operational scope; if the agent runs with broad network or filesystem permissions this could be abused. The skill does not attempt to modify other skills or global agent settings.
Guidance
Key things to consider before installing: - Mismatch between metadata and runtime: SKILL.md expects a ddg search script at an absolute path (/home/clawdbot/.../ddg) and requires curl/python at runtime, but the skill registry lists no required config paths or binaries. Verify that the ddg-search helper exists and is trustworthy before enabling the skill. - Web fetch risk (SSRF / data exposure): The skill will fetch many external URLs with curl and may fetch full pages. If your agent environment can reach internal services, the skill could be directed (maliciously or accidentally) to request internal endpoints. Consider restricting outbound network access or running the skill in a sandbox. - Sub-agent spawning: The SKILL.md includes a sessions_spawn pattern. Confirm your platform policies for spawned sessions and what model/rights those sub-agents will have. - File writes: The skill saves reports to ~/clawd/research/[slug]. Confirm you are comfortable with the skill writing to that location and that it will not overwrite important files. - Verify the source: The homepage URL and README have small inconsistencies (different clone URL / author names). Inspect the GitHub repository linked in the skill homepage yourself, review the ddg-search code it depends on, and confirm the repository owner is trustworthy before installing. - If you proceed: run the skill in a restricted environment (no access to internal networks, limited filesystem permissions), or ask the publisher to explicitly declare required config paths and provide guidance on safe operation. If you need higher assurance, request code for the referenced ddg-search script and review it manually.
Latest Release
v1.0.2
Re-publish to fix visibility
Popular Skills
Published by @parags on ClawHub
