ClawHub

Web Search by Tavily

v1.0.0

AI-optimized web search via Tavily API proxy, providing concise and relevant results with options for deep or news-focused queries.

9· 3.9k·17 current·18 all-time
byAIsa@aisadocs·duplicate of @0xjordansg-yolo/ai-native-websearch-via-tavily-api-returns-concise-relevant-results-for-openclaw
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
Name/description (AIsa Tavily web search) match the included scripts and the single required credential (AISA_API_KEY). The required binary (node) is appropriate for the provided .mjs scripts. One minor metadata mismatch: registry Owner ID in the manifest you provided differs from the ownerId inside _meta.json; this is an administrative/integrity note but does not change functional coherence.
Instruction Scope
SKILL.md instructs running the provided node scripts, and those scripts only call AIsa endpoints and print results. The instructions do not ask the agent to read files, other env vars, or system paths beyond the declared AISA_API_KEY.
Install Mechanism
No install spec or external downloads — the skill is instruction+local scripts that run with node. No archive downloads, no third-party package installs are performed by the skill itself.
Credentials
Only AISA_API_KEY is required and is used solely to authorize requests to api.aisa.one. There are no additional secrets, config paths, or unrelated credentials requested.
Persistence & Privilege
Skill is not always-enabled, does not request elevated or persistent system privileges, and does not modify other skills or system-wide settings.
Assessment
This skill appears to do what it claims: run local Node scripts that call AIsa's Tavily proxy using the AISA_API_KEY. Before installing, confirm you trust the AIsa service (https://aisa.one) because the API key you provide grants that service access to perform searches/extractions on your behalf. The package does not appear to read other files or exfiltrate unrelated environment variables, but if you are concerned, inspect the two scripts yourself or only provide an API key with limited scope/permissions. Also note the small manifest ownerId mismatch in metadata — if provenance matters to you, ask the publisher to clarify ownership.

Like a lobster shell, security has layers — review code before you run it.

latestvk9736w9t783wz77dqwrhqh4f25814c3v

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binsnode
EnvAISA_API_KEY
Primary envAISA_API_KEY

Comments