Nyne Search
PassAudited by ClawScan on May 10, 2026.
Overview
Nyne Search is a disclosed people-search API skill, but it handles Nyne API credentials and can retrieve, display, and temporarily store personal contact details.
Install only if you intend to use Nyne for people search and contact enrichment. Before running searches, confirm the search tier, result limit, and whether emails or phone numbers are necessary, because these options may consume credits and expose sensitive personal data in the chat and temporary files.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Anyone using the skill must provide Nyne credentials, which may authorize searches and consume credits on the user's Nyne account.
The skill requires provider credentials to call Nyne. This is expected for the integration, but users should treat these values as sensitive; the registry metadata did not declare required env vars.
**Required environment variables:** - `NYNE_API_KEY` — your Nyne API key - `NYNE_API_SECRET` — your Nyne API secret
Use a dedicated or limited-scope Nyne API key if available, avoid pasting full secrets into chat, and revoke/rotate credentials if exposed.
A search can consume Nyne credits and may retrieve enriched contact details, especially when premium search or email/phone options are enabled.
The skill documents external API calls that can run premium searches and email enrichment. This is central to the skill purpose, but may affect cost and privacy.
curl -s -X POST "https://api.nyne.ai/person/search" ... -d '{"query": "Software engineers at Google in San Francisco", "limit": 10, "type": "premium", "show_emails": true}'Confirm the search tier, result limit, and whether email or phone enrichment is needed before running searches.
Search results may expose personal emails, phone numbers, age estimates, gender, work history, and social profiles in the agent transcript.
The agent is instructed to display all returned profile data, including personal contact fields. This is purpose-aligned but places sensitive third-party data into the conversation context.
When presenting search results to the user, show **all returned data** ... best_business_email, best_personal_email, altemails, fullphone
Ask only for data you need, avoid sharing results unnecessarily, and follow applicable privacy, consent, and acceptable-use rules.
Running the examples executes local shell/Python commands and writes API output to local files.
The documentation includes a local Python helper for cleaning and parsing JSON responses. This is disclosed and limited to parsing API output, with no evidence of hidden or automatic execution.
nyne_parse() {
python3 -c "
import sys, json, re
raw = sys.stdin.read()Review commands before running them, use a trusted shell environment, and delete temporary result files if they contain sensitive contact data.