Tavily Search
PassAudited by ClawScan on May 1, 2026.
Overview
This skill is a straightforward Tavily web-search wrapper that uses the expected API key and sends search requests to Tavily.
This appears safe for its stated purpose. Before installing, make sure you are comfortable sending search queries to Tavily and use an API key with appropriate quota or billing controls.
Findings (2)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Searches may consume the user's Tavily quota or be associated with their Tavily account.
The skill requires a Tavily API key, which is expected for using Tavily's Search API, but it means requests are made under the user's Tavily account.
Set your API key as an environment variable: export TAVILY_API_KEY=tvly-...
Use a Tavily API key intended for this purpose and monitor usage or billing as appropriate.
Anything placed in the search JSON, including query text, is sent to Tavily.
The skill sends the provided search JSON to Tavily's external API. This is core to the skill's purpose and is disclosed, but it is still an external data flow.
printf '%s' "$JSON_INPUT" | curl -s --request POST --url "https://api.tavily.com/search"
Do not include secrets, credentials, or sensitive personal information in search requests.