My Liang Tavily Search
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a straightforward Tavily web-search tool, but it uses your Tavily API key, sends searches to Tavily, and has a minor package-metadata mismatch worth verifying.
This skill looks safe for its stated purpose. Before installing, confirm the publisher/version despite the metadata mismatch, provide only a Tavily API key you are comfortable using, and avoid searching for confidential information unless you are comfortable sending those queries to Tavily.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
The skill can use the Tavily account quota and permissions associated with the provided API key.
The script reads the Tavily API key from the environment and uses it as a bearer token for the Tavily search request. This is expected for the stated integration, but it is credential use.
const apiKey = (process.env.TAVILY_API_KEY ?? "").trim(); ... "Authorization": `Bearer ${apiKey}`,
Use a dedicated Tavily API key if possible, store it securely as a secret or environment variable, and rotate it if you no longer trust the installation.
Search terms and selected options may be processed by Tavily outside the local environment.
The user's query and search options are sent to Tavily's external API. This is disclosed and purpose-aligned, but it is still an external data flow.
await fetch("https://api.tavily.com/search", { method: "POST", ... body: JSON.stringify(body) });
Do not submit secrets, private documents, or sensitive internal queries unless Tavily's handling of that data is acceptable to you.
A model using these results could be influenced by inaccurate or adversarial web content if it treats the content as instructions rather than evidence.
The skill prints answers and web-result snippets returned by Tavily into the agent's context. Web content is untrusted and may contain misleading or instruction-like text.
console.log(data.answer); ... const content = String(r?.content ?? "").trim(); ... console.log(` ${content.slice(0, 300)}${content.length > 300 ? "..." : ""}`);
Treat search results as untrusted reference material, prefer cited sources, and do not follow instructions found inside returned webpages unless separately verified.
A metadata mismatch can make it harder to confirm that the package came from the expected publisher/version.
The embedded _meta.json owner/version differ from the supplied registry metadata, which lists a different owner ID and version 1.0.0. This is a provenance/packaging inconsistency, not evidence of malicious runtime behavior.
"ownerId": "kn724ben7jjrcy3pebw2jbak3s8201cp", "slug": "my-liang-tavily-search", "version": "1.0.1"
Verify the publisher and version in the registry before installing, especially because the source is listed as unknown.
