Web Search
PassAudited by ClawScan on May 10, 2026.
Overview
This is a coherent web-search skill, but it relies on an external CLI, account login, and third-party provider calls that users should understand before use.
Before installing, verify the inference.sh CLI installer if possible, log in with an account you are comfortable using for these provider calls, and avoid sending sensitive private data through search, extraction, or LLM workflows.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the CLI requires trusting the external inference.sh installer and binary.
The skill documents installation through a remote shell script, but that script and the downloaded CLI binary are not included in the reviewed artifacts.
curl -fsSL https://cli.inference.sh | sh && infsh login
Review the installer source or use the documented manual checksum verification before installing.
An agent using this skill may be able to run broader inference.sh CLI commands than just the listed search/extraction examples.
The skill allows Bash execution of any infsh command, while the main stated purpose is web search and extraction with specific Tavily and Exa apps.
allowed-tools: Bash(infsh *)
Approve or monitor infsh commands and keep usage limited to the intended Tavily/Exa search and extraction workflows unless broader use is desired.
The skill may act through the user’s inference.sh account when running provider apps.
The skill requires authenticating to the inference.sh CLI, although the registry metadata lists no primary credential or required environment variables.
infsh login
Use an account with appropriate limits and understand what services, billing, or data policies apply to inference.sh and its connected providers.
Search terms, URLs, prompts, and extracted page content may be sent to external services.
The skill routes search queries, URLs, and extracted content through inference.sh and named provider apps such as Tavily, Exa, and OpenRouter.
Search the web and extract content via [inference.sh](https://inference.sh) CLI.
Do not submit confidential or regulated information unless those providers’ privacy and data-retention terms are acceptable.