ClawHub

Tavily Web Seeker

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tavily web search skill with expected API-key use and optional local report export, but users should be aware that searches go to Tavily and exported reports are saved locally.

Install if you are comfortable sending search queries to Tavily or a configured Tavily-compatible endpoint. Use a dedicated Tavily API key, leave TAVILY_BASE_URL unset unless you trust the replacement endpoint, and avoid exporting reports for sensitive searches unless you are comfortable with local files under $HOME/.openclaw/workspace/reports.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill documentation indicates capabilities involving environment variables and network access, yet it does not declare permissions or clearly scope those capabilities. This creates a trust and review gap: operators may approve or invoke the skill without understanding that it can access secrets such as API keys and perform outbound requests, which increases the risk of unintended data exposure or misuse.

Missing User Warnings

Medium
Confidence
90% confidence
Finding
The report generator writes user queries and fetched result content to a predictable location under the user's home directory without any warning, consent, or sensitivity checks. Search queries and snippets may contain confidential research topics, internal identifiers, or personal data, creating an avoidable local data exposure and persistence risk on shared or monitored systems.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal