Skill flagged — suspicious patterns detected
ClawHub Security flagged this skill as suspicious. Review the scan results before using.
tavily
v2.0.1: Web search via Tavily API (alternative to Brave). Use when the user asks to search the web / look up sources / find links and Brave web_search is unavailable...
by @stavc
MIT-0
License: MIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
OpenClaw
Suspicious (medium confidence)
Purpose & Capability
The SKILL.md describes a Tavily web-search helper that expects an API key and a bundled script at {baseDir}/scripts/tavily_search.py. The published package contains no scripts or code files, and the registry metadata lists no required environment variables. Asking for an external API key is consistent with the described purpose, but the absence of the actual implementation is a major mismatch.
Instruction Scope
Runtime instructions tell the agent to run a local Python script and optionally read ~/.openclaw/.env for TAVILY_API_KEY. The package does not include that script, so the instructions cannot be independently verified. The instructions also give the agent discretion to 'fetch full pages only when needed' — without the script it's unclear what will be fetched or how data is handled/transmitted.
Install Mechanism
There is no install spec and no code files (instruction-only). That lowers install-time risk because nothing is automatically downloaded or written to disk by the installer. However, because the SKILL.md references a local script that isn't present, it's unclear how or where the implementation is expected to come from.
Credentials
SKILL.md requires a TAVILY_API_KEY via environment or ~/.openclaw/.env, but the skill's declared requirements list no env vars and no primary credential. The instruction to read a dotfile in the user's home directory indicates access to local user configuration, which should have been declared and justified.
Persistence & Privilege
The skill is not marked always:true and uses default agent invocation rules. It does not request persistent system-level privileges in the metadata. No evidence it modifies other skills or global agent configuration.
What to consider before installing
Do not install or provide credentials yet. Ask the publisher for the missing script (scripts/tavily_search.py) and a clear explanation of where it will be stored and what network endpoints it calls. Verify that the expected environment variable (TAVILY_API_KEY) is declared in the registry metadata before supplying a key. Note that the package metadata (_meta.json) and the registry metadata appear inconsistent; prefer packages that include their implementation and explicit env requirements, or test this skill in a sandboxed environment with a throwaway API key only after you receive a full, auditable implementation.
