Skill v1.0.1

ClawScan security

travily_search_pro · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Review · Mar 15, 2026, 5:23 PM
Verdict: Review
Confidence: medium
Model: gpt-5-mini
Summary
The skill mostly does what its description says (search/research/extract via Tavily), but the package metadata and packaging are inconsistent, and the repository includes a sample API key. Review before installing or before using any keys.
Guidance
This skill appears to implement the advertised Tavily search/research/extract functionality, but take these precautions before installing or using it:

- Treat the included .env/TAVILY_API_KEY as sensitive. Do not assume the key is safe to use; remove it from the local copy or replace it with your own key. If the key is valid, it may be rate-limited or revoked.
- The package metadata does not declare the TAVILY_API_KEY requirement, so expect to supply it manually. Confirm you understand where the key will be stored and who can access the repo.
- There is no install spec for Python dependencies; the code imports a 'tavily' package and 'requests'. Verify the provenance of the 'tavily' package before installing (pip source, repository, or vendor) to avoid running untrusted third-party code.
- Confirm the external endpoint (https://api.tavily.com) is legitimate and acceptable for your environment. Monitor network traffic if you have concerns.
- If you need higher assurance, request the upstream source or a signed release, or ask the publisher to fix the metadata (declare required env vars) and remove embedded keys.

Given these packaging and secret-management issues, review and remediate before use.

Review Dimensions

Purpose & Capability
note: The name/description (Tavily search/research/extract) match the code: the scripts call Tavily API endpoints. However, the registry metadata claims no required environment variables, while both SKILL.md and all scripts expect a TAVILY_API_KEY in a .env file. That mismatch is an incoherence.
Instruction Scope
ok: SKILL.md instructs storing TAVILY_API_KEY in .env and running the included scripts; the scripts read .env and make HTTPS requests to api.tavily.com. The instructions do not ask the agent to read unrelated files or phone home to unexpected domains, so behavior stays within the stated purpose.
Install Mechanism
note: There is no install spec despite Python code that imports external packages: 'tavily' (TavilyClient) and 'requests'. The scripts prompt the user to install requests but do not declare dependencies or say how to obtain the 'tavily' package. This omission is a packaging/operational gap that could lead users to install unknown third-party packages without guidance.
Credentials
concern: The skill requires a single API credential (TAVILY_API_KEY), which is proportionate to the service. However, the metadata omits this requirement, and the repository includes a .env file containing a TAVILY_API_KEY value (it appears to be a dev key). Shipping an API key in the package is risky: if it is valid it could be abused or leak; if it is a placeholder the risk is lower, but it is still poor practice. The code reads .env from the repo root and sets environment variables automatically, which amplifies the impact of any embedded secrets.
Persistence & Privilege
ok: The skill does not request permanent 'always' inclusion, does not modify other skills or system-wide settings, and only writes output files when explicitly asked by the user. Autonomous invocation is allowed by platform default (not flagged by itself).