Security audit

Tavily 搜索

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tavily web-search skill whose main caveat is that search queries and the Tavily API key are sent to Tavily.

Install only if you intend to use Tavily for web search. Use a dedicated Tavily API key and avoid putting secrets, private customer data, unreleased project details, or other sensitive information into search queries.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 97% confidence
Finding: The skill instructs users to run web searches through Tavily but does not warn that the query contents will be transmitted to a third-party API. This can expose sensitive prompts, internal project names, URLs, or personal data if users assume the search is local or equivalent to an internal tool.

Missing User Warnings

Medium

Confidence: 81% confidence
Finding: The script sends both the user's query and the Tavily API key to an external third-party service, but the script itself provides no explicit user-facing notice or consent mechanism. In a skill context, users may reasonably assume their prompt stays local unless informed otherwise, so sensitive queries could be disclosed unexpectedly.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.