Cliby Tavily Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tavily web-search helper that uses a Tavily API key and sends search queries to Tavily as expected.

Install this only if you intend to use Tavily for web search. Use a dedicated Tavily API key, keep the .secrets key file private, and avoid putting secrets, confidential business data, or sensitive personal information into search queries.

SkillSpector

By NVIDIA

Vulnerability Patterns

Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 88% confidence
Finding: The skill invokes a Python script that uses environment variables, reads a local secrets file, and performs network access, but the skill metadata does not declare those capabilities. This is dangerous because it hides the actual trust boundary and can surprise policy enforcement or reviewers, especially since the skill can access credentials and make outbound requests.

Vague Triggers

Medium

Confidence: 72% confidence
Finding: The trigger text is broad enough that the skill may activate for many general research or current-events requests, increasing the chance of unnecessary web access and credentialed tool use. In this context the skill is intended for web search, so the issue is more about overbroad invocation and user-surprise than clearly malicious behavior.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal