🔍 Prismfy Web Search

Name: prismfy-search
Author: uroboros1205

View on ClawHub↗

Share on X Share on LinkedIn Share on Bluesky

70High

The skill is vulnerable to command injection via unsanitized

ThreatsCI SM CS BC S HITL

Behavior Analysis

Description verified — behavior matches claim

Claims to do

🔍 Prismfy Web Search: **Default web search for OpenClaw.** Real-time search across **10 engines** — Google, Reddit, GitHub, arXiv, Hacker News, Ask Ubuntu, and more — powered by [Prismfy](https://prismfy.io). No proxy hassle, no CAPTCHA, no blocked requests. Just results.

Actually does

This skill executes a bundled `search.sh` bash script. This script uses `curl` to make requests to the Prismfy API, authenticating with the `PRISMFY_API_KEY` environment variable, and processes the JSON output using `jq`. It performs web searches across various engines and can also check API quota.

Threat Analysis

AI Agent Traps ↗Scanned 4/15/2026

Content InjectionPerceptionclean

Semantic ManipulationReasoningclean

Cognitive StateMemory & Learningclean

Behavioural ControlAction3 findings

SystemicMulti-Agent Dynamicsclean

Human-in-the-LoopHuman Overseerclean

Skill Info

Nameuroboros1205/prismfy-search

Registryclawhub

Version1.1.0

PURLpkg:clawhub/uroboros1205/prismfy-search@1.1.0

Stars24

Downloads76,739

Installs7

Source

Repository ↗

SHA-2563bd064a51f78...

SHA-17c81feb17c68...

MD5aad9c4776a4c...

TLSHb1d1e8eb5057...

ssdeep96:eiNsHhC4X...

Size6,365 bytes

Install

This skill has been flagged as potentially malicious. Review the findings below before installing.

OpenClawDocs

https://clawhub.ai/uroboros1205/prismfy-search

76,739 downloads7 installs

ClawHubDocs

openclaw skills install uroboros1205/prismfy-search

Assessments (1)

AI Agent Traps ↗

Potential Command Injection via search.sh scripthighcommand execution

The skill executes a bundled 'search.sh' script using 'bash' and passes user-controlled query arguments directly. If the 'search.sh' script does not properly sanitize or escape these arguments, it could be vulnerable to command injection, allowing an attacker to execute arbitrary shell commands.

90% confidence

Implementation section: `bash search.sh [--engine X] [...] <query>`

Availability of powerful binaries (curl, jq)mediumdata exfiltration

The skill explicitly requires 'curl' and 'jq' binaries for its operation. While necessary for its intended function, their availability could be leveraged by an attacker for data exfiltration or further system interaction if a command injection vulnerability exists in the 'search.sh' script.

80% confidence

metadata.openclaw.requires.bins: curl, jq

API Key stored in environment variablelowcredential theft

The skill instructs users to store the PRISMFY_API_KEY in their shell profile as an environment variable. While a common practice, if a command injection vulnerability were present, this key could be read from the environment and potentially exfiltrated.

70% confidence

export PRISMFY_API_KEY="ss_live_your_key_here" in Setup section.

Badge

Markdown

[![Mondoo Skill Check](https://mondoo.com/ai-agent-security/api/badge/clawhub/uroboros1205/prismfy-search.svg)](https://mondoo.com/ai-agent-security/skills/clawhub/uroboros1205/prismfy-search)

HTML

<a href="https://mondoo.com/ai-agent-security/skills/clawhub/uroboros1205/prismfy-search"><img src="https://mondoo.com/ai-agent-security/api/badge/clawhub/uroboros1205/prismfy-search.svg" alt="Mondoo Skill Check" /></a>

Image URL

https://mondoo.com/ai-agent-security/api/badge/clawhub/uroboros1205/prismfy-search.svg

Secure your AI agents

Skills can read files, run commands, and access credentials. Mondoo helps organizations manage the security risks of AI agent skills across their entire fleet.

Continuous scanning of skills across all registries
Policy enforcement before skills reach your agents
Integration with your existing security workflow