Back to skill
Skillv1.0.0
VirusTotal security
Tavily Research · External malware reputation and Code Insight signals for this exact artifact hash.
Scanner verdict
BenignApr 30, 2026, 5:44 AM
- Hash
- 61e2aceeffe89c2a928eec6ec0fbbb819cbb835f923158d660bbab77dc672d5b
- Source
- palm
- Verdict
- benign
- Code Insight
- Type: OpenClaw Skill Name: tavily-research Version: 1.0.0 The skill provides a research interface using the Tavily API and MCP (Model Context Protocol). The script `scripts/research.sh` implements a legitimate OAuth flow, including searching for existing Tavily-issued tokens in `~/.mcp-auth/` and validating them by decoding the JWT payload to check the issuer (`https://mcp.tavily.com/`). It uses `npx` to run the standard `mcp-remote` tool for authentication and communicates only with official Tavily endpoints. The logic is transparent, well-documented in `SKILL.md`, and lacks any indicators of data exfiltration or malicious intent.
- External report
- View on VirusTotal