Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Tavily AI Search
v1.0.0
AI-optimized web search using Tavily Search API. Use when you need comprehensive web research, current events lookup, domain-specific search, or AI-generated answer summaries. Tavily is optimized for LLM consumption with clean structured results, answer generation, and raw content extraction. Best for research tasks, news queries, fact-checking, and gathering authoritative sources.
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Verdict: Suspicious (high confidence)
Purpose & Capability
The SKILL.md, API reference, and scripts/tavily_search.py consistently implement a Tavily search client (querying an API, returning structured results, images, and optional raw HTML). That capability aligns with the skill name and description. However, the registry metadata lists no required credentials or primaryEnv even though the code and docs clearly require a Tavily API key (TAVILY_API_KEY or --api-key). The missing declared credential in metadata is an inconsistency to address.
Instruction Scope
The runtime instructions and the Python script confine their actions to calling the Tavily API via the tavily-python SDK and formatting results. They do not instruct reading arbitrary system files, other services' credentials, or sending data to unexpected endpoints. One relevant instruction: the SKILL.md recommends storing the API key in the Clawdbot config under skills.entries.tavily.apiKey (or TAVILY_API_KEY). That is within scope, but it adds another place where a secret may be stored.
Install Mechanism
There is no install spec in the registry (instruction-only install), which is low risk for automatic installs. The code expects the third-party Python package 'tavily-python' (pip). Installing that package is the user's responsibility; that introduces the normal supply-chain consideration for pip packages (you should verify the package source on PyPI/GitHub). No downloads from unknown URLs or archive extraction are present in the skill itself.
Credentials
The skill requires a Tavily API key at runtime (TAVILY_API_KEY or passed via --api-key), but the registry metadata declares no required env vars and no primary credential. This is a material mismatch: the skill will ask for and use a secret even though the metadata does not advertise it. Requesting a single API key for an external search service is proportionate to the stated purpose, but the missing metadata and the recommendation to store the key inside the agent's Clawdbot config increase the risk surface (a secret stored in agent config).
Persistence & Privilege
The skill does not request 'always: true', does not modify other skills or system settings, and does not require persistent privileged presence. It runs as an invoked script and uses normal network access to the Tavily API. Autonomous invocation is enabled by default (platform default) — not flagged on its own.
What to consider before installing
Before installing or enabling this skill, verify the Tavily provider and package provenance:
1) Confirm tavily.com, docs.tavily.com, and the referenced tavily-python package are legitimate (check PyPI and the project's GitHub repo).
2) Update, or ask the publisher to fix, the registry metadata to declare the required credential (TAVILY_API_KEY / primaryEnv) so you know a secret will be needed.
3) Prefer storing API keys in a secure secret store rather than a global agent config if you can; note that SKILL.md suggests adding the key to the Clawdbot config.
4) Review the tavily-python package source (or vendor it) before pip installing, and consider running it in an isolated environment.
5) Be cautious when enabling raw content (--raw-content): it fetches and returns full HTML from external sites, which can contain sensitive or unexpected content.
If you cannot verify the provider or package origin, treat the skill as untrusted.
