Tavily Search

Advisory

Audited by Static analysis on May 8, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Searches may consume the user's AIsa credits or quota, and the API key should be treated as a sensitive credential.

Why it was flagged

The skill requires an API key for the AIsa service, so invocations run under the user's AIsa account.

Skill content

primaryEnv: AISA_API_KEY ... requires: env: - AISA_API_KEY

Recommendation

Use a revocable, least-privileged API key if available, keep it out of logs and shared shells, and monitor account usage.

What this means

Any query text, URLs submitted for extraction, and generated search context may be shared with the AIsa service.

Why it was flagged

The client sends user-provided search queries and the bearer API key to the external AIsa API, which is expected for this search integration.

Skill content

AISA_BASE = "https://api.aisa.one/apis/v1" ... "Authorization": f"Bearer {api_key}" ... "query": args.query

Recommendation

Avoid sending secrets, private documents, or sensitive personal information as search queries or extraction URLs unless you are comfortable sharing them with the provider.

What this means

If the agent or user invokes these other modes, the skill may contact additional AIsa endpoints and process more data than a simple Tavily search.

Why it was flagged

The bundled script supports additional AIsa search, extraction, and synthesis subcommands beyond the Tavily-only usage emphasized in SKILL.md.

Skill content

Usage:\n    python3 search_client.py web ... scholar ... smart ... tavily ... extract ... sonar ... verity

Recommendation

If you only want Tavily search, instruct the agent to use the `tavily` subcommand and confirm before using extract, sonar, or multi-source verity modes.