Minimax Tavily Search

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Tavily search and URL extraction helper that sends chosen queries or URLs to Tavily using a Tavily API key.

Install only if you are comfortable using a Tavily API key and sending selected search queries or URLs to Tavily. Use a dedicated key where possible, avoid submitting secrets or private/internal URLs, and treat returned web content as untrusted.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Excessive Agency: Unrestricted Tool Access, Autonomous Decision Making, Scope Creep
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
Findings (6)

Description-Behavior Mismatch

Medium
Confidence
90% confidence
Finding
The script implements Tavily URL extraction and returns raw page content, while the skill is described as a web search capability. That mismatch materially expands what the skill can do and can mislead users or downstream agents into granting it broader trust than warranted.

Context-Inappropriate Capability

Medium
Confidence
92% confidence
Finding
Printing raw webpage content is an additional data-access capability beyond concise search results and may expose sensitive information from provided URLs into logs, terminals, or downstream processing. In an agent context, this increases the chance of unreviewed data collection and prompt/data exfiltration through content ingestion.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
The script sends user-supplied URLs and an API credential to a third-party service without any in-script disclosure or consent prompt. While the API key is expected for authentication, transmitting arbitrary URLs to an external provider can expose sensitive internal, private, or user-specific resources if callers are unaware of the data flow.

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The script sends the user's search query and the Tavily API key to a third-party service, but the code provides no warning, consent flow, or data-handling notice. In an agent skill context, users may not realize prompts or potentially sensitive operational data are leaving the local environment, creating a privacy and secret-exposure risk if sensitive queries are passed through this tool.

External Transmission

Medium
Category
Data Exfiltration
Content
body.days = days;
}

const resp = await fetch("https://api.tavily.com/search", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
Confidence
89% confidence
Finding
fetch("https://api.tavily.com/search", { method: "POST"

External Transmission

Medium
Category
Data Exfiltration
Content
body.days = days;
}

const resp = await fetch("https://api.tavily.com/search", {
  method: "POST",
  headers: {
    "Content-Type": "application/json",
Confidence
89% confidence
Finding
https://api.tavily.com/

VirusTotal

51/51 vendors flagged this skill as clean.
