Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
Tavily Plus
v1.0.0Enhanced Tavily search with multi-API key rotation, AI-powered intent recognition, sub-question decomposition, intelligent summarization, and offline documen...
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw verdict: Suspicious (medium confidence)
Purpose & Capability
The skill's name/description (Tavily-enhanced search, API key rotation, offline export) aligns with the included code which calls a Tavily API and can write reports. However the registry metadata claims "Required env vars: none" while both SKILL.md and scripts/smart-search.js expect Tavily API keys (plugins.entries.tavily.config.webSearch or TAVILY_API_KEY, TAVILY_API_KEY_2, ...). That mismatch between declared requirements and actual requirements is an oversight and reduces trust.
Instruction Scope
SKILL.md describes intent recognition, decomposition, key rotation, and offline export; the JS implements these. The skill writes markdown reports to ~/.openclaw/workspace/reports when export_doc/exportDoc is enabled (this behavior is documented). Inconsistencies: SKILL.md says it will read plugins.entries.tavily.config.webSearch.apiKey, but the code only reads environment variables (it does not parse the plugin config). SKILL.md also claims it will 'log which key was used in response metadata' but the top-level smartSearch return does not include the keyUsed field (searchWithRetry returns keyUsed but smartSearch ignores it). These are scope/behavior mismatches to be aware of.
Install Mechanism
This is an instruction-only skill with a single shipped JS file and no install spec or external downloads. There is no package fetch or arbitrary archive extraction. Risk from install mechanism is low.
Credentials
The skill legitimately needs Tavily API credentials and optionally a base URL. The registry, however, does not declare these env vars: SKILL.md documents config via plugins.entries.tavily.config.webSearch and/or env vars TAVILY_API_KEY, TAVILY_API_KEY_2, ... and the code reads TAVILY_API_KEY, TAVILY_API_KEY_2 through TAVILY_API_KEY_10 and optionally TAVILY_BASE_URL. No unrelated credentials are requested. The absence of declared required env vars in the registry and the code's use of TAVILY_BASE_URL (not documented in registry metadata) are inconsistencies that should be corrected.
Persistence & Privilege
The skill does not request always:true and will not be forced into every agent run. It writes reports to ~/.openclaw/workspace/reports when asked to export — this is documented and limited to its own workspace. It does not modify other skills or global agent settings.
What to consider before installing
What to check before installing or enabling this skill:
- Expectation vs reality: The registry claims no required environment variables, but the skill actually needs Tavily API keys. Provide keys either in plugins.entries.tavily.config.webSearch.apiKey or via env vars (TAVILY_API_KEY, TAVILY_API_KEY_2, etc.). Confirm the packaging/registry metadata is corrected before trusting the skill.
- Config vs env mismatch: SKILL.md states it will read plugin config, but the shipped script only reads environment variables (and TAVILY_BASE_URL). If you want to use the configured plugin entry, ask the author to implement loading from plugins.entries.tavily.config; otherwise supply env vars.
- Key rotation and metadata: The code rotates keys on 429 but limits retries (the recursion halts after 6 attempts even if more keys are available) and the final response does not include which key was used despite SKILL.md promising that. If you rely on per-key telemetry or failover behavior, request fixes or test rotation under load.
- File writes: Offline export creates files under ~/.openclaw/workspace/reports. If you enable export_doc/exportDoc, review the generated reports for sensitive data before sharing. Run in a sandbox or with a dedicated workspace path if you have concerns.
- Runtime assumptions: The script uses fetch and AbortSignal.timeout (Node 18+). Ensure your agent runtime provides compatible Node globals.
- Limited risk but check provenance: No external installers or obfuscated code are present, and network calls are only to the Tavily base URL (default https://api.tavily.com or TAVILY_BASE_URL). Still verify the skill author/source since the package metadata/homepage are missing.
If you are not comfortable with these inconsistencies (missing declared envs, config-reading mismatch, and minor rotation bugs), ask the author for a corrected release or run the skill in an isolated environment and review logs/output before using it with real credentials.
Patterns worth reviewing
These patterns may indicate risky behavior. Check the VirusTotal and OpenClaw results above for context-aware analysis before installing.
- scripts/smart-search.js:8: Environment variable access combined with network send.
Runtime requirements
Runtime: Clawdis
Config: plugins.entries.tavily.config
