Openclaw Aisa Web Search Tavily Hardened
Pass
Audited by ClawScan on May 10, 2026.
Overview
This appears to be a straightforward AIsa/Tavily web-search helper that uses your AIsa API key and sends requested searches or URLs to AIsa, with no hidden persistence or unrelated data access evident.
Before installing, be comfortable sharing your search queries and requested URLs with AIsa's Tavily gateway and using your AIsa API quota. The artifacts do not show persistence, local file scanning, credential theft, or unrelated network destinations, but you should protect AISA_API_KEY and avoid using the skill for confidential internal searches unless the provider is approved for that data.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your AIsa API key is needed to run searches and may consume your provider quota.
The skill reads AISA_API_KEY from the environment and uses it as a bearer token for the AIsa API. This is expected for the stated service integration, and the artifacts do not show logging, hardcoding, or unrelated use of the credential.
const apiKey = (process.env.AISA_API_KEY ?? "").trim(); ... "Authorization": `Bearer ${apiKey}`,
Use a dedicated or limited-scope AIsa key if available, keep it out of shared logs, and unset it when not needed.
AIsa/Tavily can receive the searches you run, and the extract script similarly sends requested URLs to the provider.
Search requests are sent to AIsa's external API gateway. This is disclosed and purpose-aligned, but it means user-provided search terms leave the local environment.
await fetch("https://api.aisa.one/apis/v1/tavily/search", { ... body: JSON.stringify(body), });
Avoid sending confidential queries, private URLs, or sensitive internal information unless you are comfortable with AIsa's handling of that data.
You have less independent provenance information about who maintains the skill or where the published code came from.
The registry metadata does not provide a source repository. The included code is present and there is no install spec or remote installer, so this is a provenance note rather than evidence of unsafe behavior.
Source: unknown
Prefer installing from a trusted registry account, and review the included scripts before use if provenance matters for your environment.
