ClawHub

Tavily Plus

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tavily search helper that sends searches to Tavily and can optionally save local reports as described.

Install only if you are comfortable sending searches to Tavily or the configured base URL and using Tavily API keys from your environment. Do not search for secrets or highly sensitive internal data, and enable report export only for content you are willing to store locally under your OpenClaw workspace.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
88% confidence
Finding
The skill documentation describes use of environment variables and outbound network access, yet no declared permissions are present. This creates a transparency and governance gap: operators and users cannot accurately assess what the skill can access, and permission enforcement may be bypassed or weakened in systems that rely on declarations.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The offline export feature writes search-derived content to a local path under the user's home directory without an explicit warning, consent flow, or retention controls. Search queries, summaries, and extracted content may contain sensitive research topics or proprietary information, leaving recoverable artifacts on disk that other local users, backup systems, or later processes could access.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The code sends the user's query and derived sub-questions to the external Tavily API, which can expose sensitive user input, internal research topics, or proprietary data to a third party. In a search skill this data flow is expected, but the lack of explicit consent, warning, or input-sensitivity checks makes it a real privacy/security issue, especially because the tool automatically decomposes and expands queries before transmission.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
When export is enabled, the script writes a markdown report containing the original query, inferred intent, sub-questions, search results, and summary to a persistent local path under the user's home directory. This creates a local data exposure risk because sensitive searches may be stored unencrypted and remain accessible to other local users, backups, or later processes without a prominent warning about persistence.

Ssd 3

Medium
Confidence
94% confidence
Finding
The documented workflow and response format indicate that sensitive user queries, decomposed sub-questions, search results, summaries, and even key-usage metadata may be surfaced in reports or responses. In a research/search skill, this is especially risky because user intent and investigative topics are often sensitive, and exposing provider-usage details can aid operational fingerprinting or leak internal behavior.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal