tavily-search

Result: Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent Tavily web-search skill that uses a Tavily API key and local helper scripts as expected, with only normal privacy and dependency considerations for an external search integration.

This skill appears safe for its stated purpose. Before installing, make sure you are comfortable sending search queries to Tavily, protect your TAVILY_API_KEY, avoid searching with secrets or highly sensitive text, and consider disabling or clearing the local cache for sensitive searches.

Findings (5)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Searches may use the user's Tavily account, quota, billing, or rate limits, and the API key should be protected.

Why it was flagged

The helper uses a Tavily API key from the environment to make service calls. This is expected for the stated purpose, but it is still account credential use.

Skill content

api_key = os.getenv("TAVILY_API_KEY")
...
client = TavilyClient(api_key=api_key)

Recommendation

Use a dedicated/revocable Tavily key, avoid exposing it in shared code or logs, and revoke it if it is accidentally disclosed.

What this means

Sensitive search terms or confidential context included in a query may leave the local environment and be processed by Tavily.

Why it was flagged

User-provided search queries are sent to the external Tavily provider. This is central to the skill's purpose and is disclosed by the skill description.

Skill content

response = client.search(
    query=args.query,
...

Recommendation

Do not include secrets or unnecessary private data in search queries, and review Tavily's data handling terms if using it for sensitive work.

What this means

A malicious or low-quality web page could influence the agent's answer if the agent treats retrieved text as instructions instead of evidence.

Why it was flagged

The skill documents a RAG pattern that places retrieved web content into model context. This is purpose-aligned, but retrieved web text can be untrusted or manipulative.

Skill content

# Use context directly in LLM prompts
prompt = f"""Based on the following context:
{context}
...

Recommendation

Treat Tavily results as untrusted source material, ask the agent to cite sources, and do not let instructions inside web snippets override the user's task or safety rules.

What this means

Search queries and result content may be stored locally in the user's cache directory, which could matter for sensitive research topics.

Why it was flagged

The fast helper writes search responses to a local cache directory. The cache validity is short, but stale files may remain on disk unless cleaned up.

Skill content

CACHE_DIR = Path.home() / ".cache" / "tavily_search"
...
json.dump({
    'timestamp': time.time(),
    'data': data
}, f)

Recommendation

Use the --no-cache option for sensitive searches or periodically clear ~/.cache/tavily_search.

What this means

Installing an unpinned package may pull whatever version is current from the package index, which can change over time.

Why it was flagged

The documented dependency installation is unpinned and not captured by an install spec. This is a normal dependency for the skill, but it depends on the package source at install time.

Skill content

tavily-python package installed (`pip install tavily-python`)

Recommendation

Install tavily-python from a trusted source and consider pinning a known-good version in managed environments.