Skills
skills/bytedance/agentkit-samples/byted-web-search/Gen Agent Trust Hub

byted-web-search

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests to mercury.volcengineapi.com and open.feedcoopapi.com to retrieve search results. These are official service endpoints for Volcengine and Bytedance respectively.
  • [COMMAND_EXECUTION]: The skill uses a Python script (scripts/web_search.py) to handle API interactions and output formatting, which is triggered by the agent during search tasks.
  • [CREDENTIALS_UNSAFE]: The script web_search.py is designed to load authentication tokens from environment variables and local .env files (e.g., ~/.openclaw/.env). It also provides a mechanism for users to provide keys directly via chat, which is the documented setup process for this specific tool.
  • [PROMPT_INJECTION]: The SKILL.md file contains instructions for the agent to optimize tool usage based on user intent (e.g., verifying facts, checking current prices). These instructions are aimed at improving the agent's accuracy and do not attempt to override safety protocols.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 07:07 AM