Skill v1.0.0

ClawScan security

Web Search by Tavily · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign · Feb 14, 2026, 1:18 PM
Verdict: Benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code, runtime instructions, and requested credential align with its stated purpose (proxy web search via AIsa/Tavily); nothing in the package attempts to access unrelated secrets or system resources.
Guidance
This skill appears to do what it claims: run local Node scripts that call AIsa's Tavily proxy using the AISA_API_KEY. Before installing, confirm you trust the AIsa service (https://aisa.one) because the API key you provide grants that service access to perform searches/extractions on your behalf. The package does not appear to read other files or exfiltrate unrelated environment variables, but if you are concerned, inspect the two scripts yourself or only provide an API key with limited scope/permissions. Also note the small manifest ownerId mismatch in metadata — if provenance matters to you, ask the publisher to clarify ownership.

Review Dimensions

Purpose & Capability
ok: Name/description (AIsa Tavily web search) match the included scripts and the single required credential (AISA_API_KEY). The required binary (node) is appropriate for the provided .mjs scripts. One minor metadata mismatch: registry Owner ID in the manifest you provided differs from the ownerId inside _meta.json; this is an administrative/integrity note but does not change functional coherence.
Instruction Scope
ok: SKILL.md instructs running the provided node scripts, and those scripts only call AIsa endpoints and print results. The instructions do not ask the agent to read files, other env vars, or system paths beyond the declared AISA_API_KEY.
Install Mechanism
ok: No install spec or external downloads — the skill is instruction+local scripts that run with node. No archive downloads, no third-party package installs are performed by the skill itself.
Credentials
ok: Only AISA_API_KEY is required and is used solely to authorize requests to api.aisa.one. There are no additional secrets, config paths, or unrelated credentials requested.
Persistence & Privilege
ok: Skill is not always-enabled, does not request elevated or persistent system privileges, and does not modify other skills or system-wide settings.