tavily-search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tavily web-search skill, but users should avoid sending sensitive queries to the external search service.

Install this only if you intend to use Tavily for external web search. Use a dedicated, revocable Tavily API key. Do not search for secrets, credentials, regulated personal data, or confidential internal topics, and consider disabling or clearing the local cache for sensitive searches.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 79%
Finding
The description encourages use for broadly defined web-search needs ('any topic that requires up-to-date web data'), which can cause the skill to be invoked on sensitive user prompts without an explicit appropriateness boundary. In practice, that increases the chance that confidential prompts, internal research topics, or regulated data are sent to an external search provider when a safer local-only workflow would have been more appropriate.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill instructs users to submit queries to Tavily but does not warn that both the query text and retrieved web content are transmitted to a third-party service. This omission creates a real data-handling risk because users or calling agents may unknowingly send sensitive prompts, personal data, or proprietary research terms off-platform.

Missing User Warnings

Medium
Confidence: 92%
Finding
The tool sends user-provided queries, and optionally full raw page content, to Tavily's external service without any explicit disclosure, confirmation, or consent mechanism at the point of use. In an agent setting, this creates a real privacy and data-handling risk because users or upstream callers may unknowingly transmit sensitive prompts, internal research topics, or regulated data to a third party.

VirusTotal

66/66 vendors flagged this skill as clean.
