Kagi
Advisory
Audited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can consume Kagi API quota and associate submitted searches or FastGPT prompts with the user's Kagi API token.
The skill reads a Kagi API credential from the environment and uses it in the Authorization header. This is expected for a Kagi API wrapper, but it gives the skill delegated access to the user's Kagi API account.
tok = os.environ.get("KAGI_API_TOKEN") or os.environ.get("KAGI_API_KEY") ... "Authorization": f"Bot {_token()}"
Use a Kagi API token intended for this purpose, set it only in sessions where the skill is needed, and avoid submitting secrets or highly sensitive content as queries.
Queries and prompts entered through the skill are shared with Kagi for search or summarization.
Search queries and FastGPT prompts are sent to Kagi's external API. This is clearly aligned with the skill's purpose and no unrelated endpoints are shown.
BASE_URL = "https://kagi.com/api/v0" ... return _request("POST", "/fastgpt", json_body=body)
Treat search and FastGPT prompts as data sent to a third-party provider, and avoid including passwords, private keys, or confidential material.
Users have less external provenance information for verifying the origin or maintenance of the skill.
The registry metadata does not provide a source repository or homepage. The included code is visible and there is no install script, so this is a provenance note rather than a behavior concern.
Source: unknown
Homepage: none
Review the bundled scripts before use and prefer a skill release with a clear source repository or publisher information when available.
