Tavily

Pass

Audited by ClawScan on May 10, 2026.

Overview

This appears to be a straightforward Tavily web-search wrapper, but it will use your Tavily API key and send search queries to Tavily.

This skill is reasonable to install if you want Tavily search integration. Make sure you are comfortable giving the agent access to a Tavily API key, avoid sending secrets in search queries, and review the visible scripts since the registry does not provide a source homepage.

Findings (3)

Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.

What this means

Anyone or anything able to invoke the skill with this environment variable can spend quota or make searches under that Tavily account.

Why it was flagged

The script reads the Tavily API key from the environment and uses it only as a Bearer token for the Tavily request, which is purpose-aligned but gives the agent access to a usable provider credential.

Skill content

const apiKey = process.env.TAVILY_API_KEY; ... 'Authorization': `Bearer ${apiKey}`,

Recommendation

Use a revocable Tavily key, limit exposure of the environment variable, and rotate the key if it is shared accidentally.

What this means

Search terms may be visible to Tavily, so sensitive or confidential queries should be treated as shared with that provider.

Why it was flagged

The script posts the search query and optional domain filters to Tavily's external API, which is the expected provider data flow for this skill.

Skill content

const TAVILY_ENDPOINT = 'https://api.tavily.com/search'; ... body: JSON.stringify(payload),

Recommendation

Avoid putting secrets or private content in search queries unless you are comfortable sending them to Tavily.

What this means

You have less external context for who maintains the skill, even though the provided code is reviewable.

Why it was flagged

The package provenance is limited by the absence of a source URL or homepage, although the included scripts are short, visible, and do not download dependencies.

Skill content

Source: unknown; Homepage: none

Recommendation

Review the included scripts before installing and prefer a known source if provenance is important for your environment.