Openclaw Tavily Search.Bak

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tavily web-search helper, but users should know their search queries are sent to Tavily using their API key.

Install this only if you are comfortable using Tavily as a third-party search provider. Use a Tavily-specific API key with sensible limits, avoid putting secrets or sensitive personal or business information in search queries, and note the minor metadata mismatch when judging provenance.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence: 81%
Finding
The invocation description is broad enough to match many ordinary requests to search the web, look up sources, or find links, which can cause over-triggering. In practice this may route user queries to an external API more often than intended, increasing unnecessary data exposure and reducing user awareness or control.

Missing User Warnings

Medium
Confidence: 95%
Finding
The skill description does not explicitly warn that user queries will be sent to a third-party web search provider. Because search terms can contain sensitive or identifying information, the lack of disclosure increases the risk of unintended exfiltration of private data to an external service.

Missing User Warnings

Medium
Confidence: 84%
Finding
The script transmits user search queries and the API credential to a third-party service, but the script itself provides no user-facing disclosure or warning about that data flow. In an agent-skill context, this matters because users may assume searches are local or handled by a different provider, creating privacy and consent risk if sensitive prompts are forwarded externally.

VirusTotal

64/64 vendors flagged this skill as clean.