Tavily Search

Security checks across malware telemetry and agentic risk

Overview

This is a real Tavily search helper, but it ships with a bundled API key and gives weak privacy and credential-handling disclosure.

Review before installing. Use your own Tavily API key, remove or replace the bundled config.json, avoid sensitive or confidential queries, and treat the local config file as a plaintext secret.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep

Findings (2)

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill encourages users to submit arbitrary search and research queries to an external provider and notes that research mode can extract content from up to 50 webpages, but it does not warn that user prompts, identifiers, and retrieved page content may be sent to and processed by third-party services. In agent settings, this is dangerous because sensitive internal data may be embedded in queries or captured from retrieved pages without informed user consent.

Missing User Warnings

Medium

Confidence: 96% confidence
Finding: The script writes the API key to config.json in plaintext without warning the user or applying any filesystem or cryptographic protection. On shared systems or in backups, logs, and synced folders, this can expose the credential to other local users or processes, enabling unauthorized use of the Tavily account.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal