Tavily Search Pro

Security checks across malware telemetry and agentic risk

Overview

This is a coherent Tavily search integration, but users should know their searches and URLs are sent to Tavily.

Install only if you are comfortable using a Tavily API key and sending selected queries, URLs, crawl targets, and research prompts to Tavily. Avoid confidential internal URLs, secrets, personal data, or regulated material unless your organization has approved that disclosure; consider using a revocable API key and an isolated Python environment.

SkillSpector

By NVIDIA

Vulnerability Patterns

Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code

Findings (2)

Lp3

Medium

Category: MCP Least Privilege
Confidence: 89% confidence
Finding: The skill declares only `allowed-tools: [exec]`, but its documented behavior clearly requires environment variable access (`TAVILY_API_KEY`) and outbound network access to Tavily. This permission mismatch weakens transparency and policy enforcement: users and platforms may underestimate what the skill can access and transmit, increasing the chance of unintended secret use or external data exfiltration.

Missing User Warnings

Medium

Confidence: 94% confidence
Finding: The skill encourages users to submit searches, URLs, extraction targets, and crawl instructions to an external Tavily service, but it does not prominently warn that this data leaves the local environment. In practice, users may provide sensitive internal URLs, proprietary research topics, or confidential instructions, causing inadvertent disclosure to a third-party service.

VirusTotal

64/64 vendors flagged this skill as clean.

View on VirusTotal