ClawHub

Tavily Web Search Skill for OpenClaw πŸ¦€

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tavily web-search skill; it sends search queries to Tavily using a local API key, with disclosure and documentation gaps but no hidden or destructive behavior found.

Install only if you are comfortable sending search queries to Tavily and using your Tavily API quota from a local key. Store the key in .secrets/tavily.key with restrictive permissions, avoid confidential queries, and note that the advertised --api-key and TAVILY_API_KEY methods do not appear to work in this version.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
94% confidence
Finding
The skill invokes a Python script that performs network access and may read a local secret file for the API key, but the skill does not declare corresponding permissions. This creates a transparency and governance gap: operators and policy systems cannot accurately assess or constrain what the skill can do, increasing the chance of unintended data access or outbound requests.

Vague Triggers

Medium
Confidence
86% confidence
Finding
The trigger text is broad enough to match many generic requests for information, research, or current events, which can cause the skill to activate in situations beyond the user's intended scope. Because the skill performs external web search, overbroad activation increases the risk of unnecessary network calls, data leakage in queries, and bypass of more appropriate local or safer skills.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The script sends user-supplied search queries, and optionally requests raw content from third-party sources, to Tavily's external API without any explicit user-facing notice or consent check at the point of transmission. In an agent skill context, queries may contain sensitive user data or proprietary prompts, so silent transmission to an external service creates a real privacy and data-handling risk even though the network call is the core purpose of the skill.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal