Tavily Search Pro

Pass. Audited by ClawScan on May 1, 2026.

Overview

This is a coherent Tavily web-search integration, but users should notice that it uses a Tavily API key, sends search/URL requests to Tavily, and installs an unpinned Python package.

This skill appears purpose-aligned for Tavily search and research. Before installing, make sure you are comfortable giving it a Tavily API key, sending queries and URLs to Tavily, and running the installer in your Python environment; a virtual environment and a limited/revocable API key are recommended.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Using the skill can consume Tavily API credits and depends on the security of the configured API key.

Why it was flagged

The skill reads a Tavily API key from the environment and sends it as a bearer token to Tavily, which is expected for the service integration but gives the skill access to the user's Tavily account quota.

Skill content

API_KEY: str = os.environ.get("TAVILY_API_KEY", "") ... "Authorization": f"Bearer {API_KEY}"

Recommendation

Use a dedicated Tavily key with appropriate limits, avoid sharing it, and revoke or rotate it if the skill is no longer used.

What this means

Search terms, URLs, and crawl/research instructions may be visible to the Tavily service.

Why it was flagged

The skill sends request payloads such as searches, URLs, crawl requests, and research queries to Tavily's external API, which is central to the stated purpose.

Skill content

BASE_URL: str = "https://api.tavily.com" ... urllib.request.urlopen(req, timeout=timeout)

Recommendation

Do not use the skill for sensitive private queries, confidential URLs, or internal resources unless sending that information to Tavily is acceptable.

What this means

Installation may modify the local Python environment and depends on the current tavily-python package from the package index.

Why it was flagged

The installer fetches an unpinned Python package and first attempts to bypass system package protections; this is related to the Tavily purpose but broadens local environment impact.

Skill content

pip install --break-system-packages --quiet tavily-python

Recommendation

Prefer installing in a virtual environment, pin dependency versions where possible, and verify the package source before installation.