Back to skill

Security audit

Search

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Tavily web-search wrapper, with the main risk being that search queries and the Tavily API key are sent to a third-party service as expected.

Install only if you trust Tavily with your search queries and are comfortable storing a Tavily API key in your agent settings. Avoid putting secrets, private business information, regulated data, or market-sensitive research into search queries, and treat raw web content returned by the skill as untrusted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (11)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation invokes shell execution (`./scripts/search.sh` and `curl`) but does not declare corresponding permissions. This can cause users or agent platforms to run shell-capable actions without an explicit trust/consent boundary, increasing the chance of unintended command execution or policy bypass.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill is explicitly designed to send user-provided queries to Tavily, and it also documents options like `include_raw_content` that may retrieve and expose larger volumes of third-party content. Without a clear privacy/data-sharing warning, users may unknowingly send sensitive prompts, internal data, or regulated information to an external service.

External Transmission

Medium
Category
Data Exfiltration
Content
### Basic Search

```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
Confidence
93% confidence
Finding
curl --request POST \ --url https://api.tavily.com/search \ --header "Authorization: Bearer $TAVILY_API_KEY" \ --header 'Content-Type: application/json' \ --data '{ "query": "latest develo

External Transmission

Medium
Category
Data Exfiltration
Content
### News Search

```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
Confidence
92% confidence
Finding
curl --request POST \ --url https://api.tavily.com/search \ --header "Authorization: Bearer $TAVILY_API_KEY" \ --header 'Content-Type: application/json' \ --data '{ "query": "AI news today

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
90% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
90% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
### Endpoint

```
POST https://api.tavily.com/search
```

### Headers
Confidence
89% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
90% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
91% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
96% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
```bash
curl --request POST \
  --url https://api.tavily.com/search \
  --header "Authorization: Bearer $TAVILY_API_KEY" \
  --header 'Content-Type: application/json' \
  --data '{
Confidence
90% confidence
Finding
https://api.tavily.com/

VirusTotal

No VirusTotal findings

View on VirusTotal