Skill v1.0.0
ClawScan security
Tavily Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.
Scanner verdict
Benign · Mar 8, 2026, 9:40 PM
- Verdict: benign
- Confidence: high
- Model: gpt-5-mini
- Summary: The skill is an instruction-only integration for the Tavily/Maton API that only asks for a single API key and issues network requests to Maton/Tavily endpoints; its requirements and instructions are internally consistent with its stated purpose.
- Guidance: This skill appears coherent and only needs a Maton API key. Before installing: (1) verify you trust maton.ai/gateway.maton.ai/ctrl.maton.ai and that the API key you provide has only the permissions you expect; (2) avoid reusing a high-privilege key; create a key scoped to search/extract if possible; (3) be aware search/extract requests may send user-provided content to Maton/Tavily (don’t send secrets or sensitive files); and (4) confirm HTTPS endpoints are legitimate and not typosquatted if you deploy in an automated environment.
Review Dimensions
- Purpose & Capability: ok. Name/description promise AI web search, extraction, crawling and research; the SKILL.md only requires a MATON_API_KEY and documents requests to gateway.maton.ai / ctrl.maton.ai (which proxy to Tavily). These requirements line up with the claimed functionality.
- Instruction Scope: ok. All runtime instructions show constructing HTTP requests to Maton/Tavily endpoints and managing Maton connections. The instructions do not tell the agent to read local files, other env vars, or system configuration, nor to transmit data to unexpected third-party endpoints.
- Install Mechanism: ok. There is no install spec and no code files to write or execute on disk (instruction-only). This minimizes install-time risk.
- Credentials: ok. Only one environment variable (MATON_API_KEY) is required, which is appropriate for an API-key based gateway integration. No unrelated credentials or config paths are requested.
- Persistence & Privilege: ok. The skill is not forced-always, does not request elevated persistence, and being instruction-only it does not modify other skills or system configuration.
