Erdmannsilva Perplexity
PassAudited by VirusTotal on May 12, 2026.
Overview
Type: OpenClaw Skill Name: erdmannsilva-perplexity Version: 1.0.0 The skill bundle provides a legitimate interface for the Perplexity AI search API. The script `scripts/search.mjs` uses the provided `PERPLEXITY_API_KEY` to communicate exclusively with the official `api.perplexity.ai` endpoint and contains no evidence of data exfiltration, malicious execution, or prompt injection.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Perplexity API key will be used when the skill runs, and usage may count against your Perplexity account or billing.
The skill needs a Perplexity API credential to operate. This is expected for the stated Perplexity API search purpose, and the provided code uses it only as a Bearer token to the Perplexity API.
Requires `PERPLEXITY_API_KEY` environment variable
Use a dedicated API key if possible, avoid sharing it in prompts, and revoke or rotate it if you no longer use the skill.
Any sensitive information included in a search query may be transmitted to Perplexity.
The script sends the supplied search queries to Perplexity's external API. This is purpose-aligned and disclosed, but users should understand that query text leaves the local environment.
fetch("https://api.perplexity.ai/search", { ... body: JSON.stringify({ query: queries }) })Do not include secrets, private personal data, or confidential business information in queries unless you are comfortable sending it to Perplexity under its terms and privacy policy.
The package identity metadata is not fully consistent, which may make it harder to confirm the exact publisher lineage.
The internal metadata owner and slug differ from the registry metadata shown for this review, which lists a different owner ID and slug. This does not show malicious behavior, but it is a provenance inconsistency.
"ownerId": "kn7evq0dm74etz8yf5w8513q8x7ys8hs", "slug": "perplexity"
Verify the publisher/source before installing if provenance matters to you, especially before providing an API key.