Perplexity Wrapped Search
PassAudited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent Perplexity web-search integration, with some expected cautions around API-key use, third-party model routing, and an optional unwrapped JSON debug mode.
This skill is reasonable to install if you want Perplexity-backed web search. Configure a Perplexity API key deliberately, watch usage costs, avoid putting sensitive data in queries, and prefer the default wrapped output instead of --json when another agent will read the results.
Findings (3)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Using the skill can spend quota or incur charges on the Perplexity account tied to the API key.
The skill uses a Perplexity API key for authenticated API calls, while the registry metadata lists no required env vars or primary credential. API-key use is expected for this integration, but should be declared clearly.
export const apiKey = process.env.PERPLEXITY_API_KEY || null;
Use a dedicated Perplexity API key if possible, monitor billing, and prefer updating the skill metadata to declare PERPLEXITY_API_KEY explicitly.
Queries, custom instructions, and retrieved web context may be handled by Perplexity and selected third-party model providers.
Agentic mode is disclosed as routing work through Perplexity's agentic API with third-party models and web tools. This is aligned with the skill purpose, but it broadens where query content may be processed.
Advanced mode with third-party models (OpenAI, Anthropic, Google, xAI), web_search and fetch_url tools
Avoid submitting secrets, private documents, or sensitive personal data in queries unless that provider routing is acceptable.
If raw JSON output is fed back into an agent, malicious text from web results could be mistaken for instructions.
The skill normally wraps web results as untrusted content, but this documented debug option bypasses that wrapper. Raw search results may contain prompt-injection text if an agent consumes them directly.
--json Output raw JSON (debug mode, unwrapped)
Use the default wrapped output for agent-facing search results, and reserve --json for debugging or manual inspection.