Skill v1.0.0

ClawScan security

Tavily + Zhipu Web Search · ClawHub's context-aware review of the artifact, metadata, and declared behavior.

Scanner verdict

Benign (Apr 9, 2026, 1:38 AM)
Verdict: benign
Confidence: high
Model: gpt-5-mini
Summary
The skill's code and instructions match its stated purpose (use Tavily first, fall back to Zhipu) and request only the expected API keys and config access; nothing indicates hidden behavior or unexplained privileges.
Guidance
This skill appears to do exactly what it claims: send your query to Tavily first and fall back to Zhipu. Before installing, decide whether you trust the external services (api.tavily.com and open.bigmodel.cn) to handle your queries. If you do not want this skill to read keys from your OpenClaw config, set ZHIPU_API_KEY explicitly or remove sensitive apiKey entries from ~/.openclaw/openclaw.json. No installers or hidden downloads are present, and the skill does not request unrelated credentials or system changes.

Review Dimensions

Purpose & Capability
ok: Name/description, SKILL.md, and the bundled Python script all implement a unified web search using Tavily (primary) and Zhipu (fallback). Required inputs (TAVILY_API_KEY, ZHIPU_API_KEY or reading openclaw.json) are consistent with that purpose.
Instruction Scope
note: Runtime instructions direct the agent to run the included Python script, which performs network calls to the documented endpoints (api.tavily.com and open.bigmodel.cn). The script also attempts to read ~/.openclaw/openclaw.json to find a Zhipu key if ZHIPU_API_KEY is not set; this behaviour is documented in SKILL.md but is the only non-network file read.
Install Mechanism
ok: No install spec; the skill is instruction-only with a single Python script. Nothing is downloaded or written to disk by an installer.
Credentials
note: The skill does not require global credentials; it uses TAVILY_API_KEY and ZHIPU_API_KEY as expected. One caveat: if ZHIPU_API_KEY is not set, the script will parse ~/.openclaw/openclaw.json and return the first apiKey it finds under providers 'generic' or 'glm'; this can surface keys stored for other providers if present. This behaviour is documented, but users should be aware of it.
Persistence & Privilege
ok: 'always' is false and the skill does not modify other skills or system settings. It does not persist tokens or alter configuration beyond reading the openclaw.json config file.