t-web-searcher
WarnAudited by ClawScan on May 10, 2026.
Overview
The skill mostly performs the advertised Tavily web search, but one script can load code from a formatter path chosen by the API response, which is risky and under-disclosed.
Install only if you are comfortable sharing queries and selected URLs with Tavily, and preferably wait for the maintainer to remove or strictly allowlist the response-controlled dynamic formatter import. Use a dedicated Tavily API key and avoid sending sensitive data in searches.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A remote response could potentially make the Node process run code that is not part of the reviewed bundled formatter files.
The formatter path comes from the Tavily API response and is dynamically imported without an allowlist. A malicious or compromised API response could provide an unexpected URL or module path and cause local JavaScript execution.
const formatFile = data?.meta?.formatFile || './formatters/default.mjs'; const pluginUrl = new URL(formatFile, import.meta.url); const formatter = await import(pluginUrl.href);
Replace this with an explicit allowlist, such as mapping --topic general/news to bundled formatter files only, and reject absolute URLs, data URLs, file URLs, and parent-directory paths.
It may be harder to confirm that this package is from the expected publisher or corresponds to the intended registry listing.
The embedded metadata identifies a different owner/slug than the supplied registry metadata for t-web-searcher. This does not prove unsafe behavior, but it is a provenance inconsistency.
"ownerId": "kn7azq5e6sw0fbwwzdpcwvvjzd7z0x4z", "slug": "tavily-search"
Verify the publisher before installing, and ask the maintainer to align the registry metadata, _meta.json, skill name, source URL, and homepage.
The skill will use your Tavily API key and the key may incur usage or billing on your Tavily account.
The script reads the Tavily API key from the environment and sends it as the api_key field for Tavily requests. This is expected for a Tavily integration, and there is no evidence of logging, hardcoding, or unrelated credential use.
var apiKey = key_t.TAVILY_API_KEY; ... api_key: apiKey,
Use a dedicated Tavily key with appropriate limits, monitor usage, and revoke it if you no longer use the skill.
Search queries, and URLs used with the extract command, will be shared with Tavily.
User search queries are sent to the external Tavily API. This is disclosed and purpose-aligned, but users should understand the data leaves the local environment.
const body = {
api_key: apiKey,
query: query,
...
};
const resp = await fetch("https://api.tavily-search.com/search", {Avoid submitting secrets, private internal URLs, or sensitive personal information unless sharing that data with Tavily is acceptable.