v1.0.0

tavily-search

Benign

ClawScan verdict for this skill. Analyzed May 1, 2026, 8:39 AM.

Analysis

This appears to be a coherent Tavily web search integration, but users should knowingly provide a Tavily API key and avoid sending sensitive queries or URLs to the external service.

Guidance

This skill is reasonable to install if you want Tavily-powered web search. Before using it, set a Tavily API key intentionally, understand that searches and URLs are sent to Tavily, avoid sensitive queries, and treat returned web content as information to verify rather than instructions for the agent to follow.

Findings (4)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

Abnormal behavior control

Checks for instructions or behavior that redirect the agent, misuse tools, execute unexpected code, cascade across systems, exploit user trust, or continue outside the intended task.

Agent Goal Hijack
Severity: Low | Confidence: High | Status: Note
SKILL.md
Provides web search functionality with AI-powered summarization optimized for RAG and question answering.

The skill is designed to retrieve and summarize web content for agent use; web pages and extracted content may contain untrusted instructions even though the skill does not tell the agent to obey them.

User impact: Search results could include misleading or instruction-like text from the web that should not override the user's request.
Recommendation: Use Tavily results as source material or citations only, and keep normal instruction hierarchy protections in place.

Agentic Supply Chain Vulnerabilities
Severity: Info | Confidence: High | Status: Note
metadata
Source: unknown; Homepage: none

The package provenance is not documented in the registry metadata, although the provided artifacts include the relevant source files and no remote install step.

User impact: Users have less external provenance information for verifying the publisher or upstream project.
Recommendation: Review the included code before installation and prefer a version with a documented source repository or publisher provenance when available.

Permission boundary

Checks whether tool use, credentials, dependencies, identity, account access, or inter-agent boundaries are broader than the stated purpose.

Identity and Privilege Abuse
Severity: Low | Confidence: High | Status: Note
SKILL.md
Set it in your environment: `export TAVILY_API_KEY=your_api_key_here`

The skill requires a Tavily service credential, while the registry metadata lists no required env vars or primary credential; this is purpose-aligned but should be visible to users.

User impact: The skill can use the user's Tavily account quota and permissions for searches and URL extraction.
Recommendation: Provide only a Tavily API key intended for this integration, monitor usage/quota, and rotate the key if it is no longer needed.

Sensitive data protection

Checks for exposed credentials, poisoned memory or context, unclear communication boundaries, or sensitive data that could leave the user's control.

Insecure Inter-Agent Communication
Severity: Low | Confidence: High | Status: Note
scripts/tavily_api.py
BASE_URL = "https://api.tavily.com" ... response = requests.post(endpoint, json=payload, timeout=30)

The client sends the API key plus user-provided search queries or URLs to Tavily's external API, which is expected for a search provider integration.

User impact: Queries, URLs, and related metadata may be shared with Tavily when the tool is used.
Recommendation: Avoid sending highly sensitive or private information in search queries or extraction URLs unless Tavily's privacy terms are acceptable.