Intelligent Search Agent

Advisory

Audited by Static analysis on Apr 30, 2026.

Overview

No suspicious patterns detected.

Findings (0)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

It may be harder for a user to independently verify the code origin or update history before installing.

Why it was flagged

The skill includes a Python client but the registry metadata does not identify a source repository or provenance beyond the listed homepage.

Skill content

Source: unknown

Recommendation

Install only if you trust the publisher or registry entry, and review the included script before use.

What this means

Anyone or any agent using this skill with that environment variable can make requests under the user's AIsa API credential.

Why it was flagged

The client reads AISA_API_KEY from the environment and uses it as a bearer token for all API requests.

Skill content

self.api_key = api_key or os.environ.get("AISA_API_KEY") ... "Authorization": f"Bearer {self.api_key}"

Recommendation

Use a dedicated, least-privilege API key where possible, keep it out of prompts and logs, and rotate it if exposure is suspected.

What this means

Search prompts, research questions, and URLs may leave the local agent environment and be processed by external services.

Why it was flagged

User-supplied queries, and optionally system-style instructions, are sent to an external AIsa API gateway for Perplexity-style answer generation.

Skill content

BASE_URL = "https://api.aisa.one/apis/v1" ... messages.append({"role": "user", "content": query}) ... data={"model": model, "messages": messages}

Recommendation

Avoid sending secrets, private documents, or confidential internal URLs as search queries unless that is acceptable under the provider's data-handling terms.