ClawHub
Skill flagged — suspicious patterns detected

ClawHub Security flagged this skill as suspicious. Review the scan results before using.

Tavily Skill

v1.0.0

Use Tavily API for real-time web search and content extraction. Use when: user needs real-time web search results, research, or current information from the...

0· 1.6k·21 current·23 all-time
by@fangkelvin
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Suspicious
View report →
OpenClawOpenClaw
Suspicious
medium confidence
!
Purpose & Capability
The SKILL.md and included script clearly require a Tavily API key (TAVILY_API_KEY) and make requests to https://api.tavily.com, which matches the described purpose. However, the registry metadata lists no required environment variables or primary credential — an inconsistency between declared requirements and actual capability.
Instruction Scope
The runtime instructions and the bash script stay within the stated purpose: building a search request and calling Tavily's API using curl and jq. They do not read unrelated files or other credentials. The SKILL.md also suggests adding the key to openclaw.json (agent config), which expands where secrets might be stored but is within plausible configuration behavior.
Install Mechanism
This is an instruction-only skill with an included shell script and no install spec; it does not download arbitrary third-party code or run an installer. Required binaries (curl, jq) are reasonable and expected for the provided examples.
!
Credentials
The script and SKILL.md require TAVILY_API_KEY, but the skill metadata did not declare any required env vars or a primary credential. This omission could bypass metadata-based checks or gating and is disproportionate to the apparent complexity of the skill (it only needs one API key). Also storing the key in openclaw.json could persist the secret in agent config if used.
Persistence & Privilege
The skill does not request always:true and does not modify other skills. It does recommend adding the API key to openclaw.json, which would persist the key in agent configuration — this is normal but worth noting as it increases the persistence of the credential.
What to consider before installing
What to consider before installing: - The skill's code and examples are simple and do what the description says, but the registry metadata failed to declare the required TAVILY_API_KEY. Ask the publisher to update the metadata to list that env var/primary credential so platform gating and user warnings work correctly. - The script sends search queries and content to api.tavily.com. Do not include secrets or sensitive personal data in queries. - If you provide an API key, prefer using an environment variable rather than adding long-lived keys to shared openclaw.json; if you must store it in config, ensure the file is protected and rotate the key periodically. - Verify the publisher (check the tavily.com homepage and owner identity) before trusting the key with this skill. Test with a low-privilege or limited-usage API key first. - Because metadata omission is a visibility issue, treat this as a sign of sloppy packaging rather than proof of malicious intent — but correct the metadata or proceed only after verifying the source.

Like a lobster shell, security has layers — review code before you run it.

latestvk97btfyws9v4sddb2vnfb7cww9822bba

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Runtime requirements

🔍 Clawdis
Binscurl, jq

Comments