Claw Tavily Search Pro
Security checks across static analysis, malware telemetry, and agentic risk
Overview
This appears to be a straightforward Tavily search/extraction skill, but it uses your Tavily API key, returns untrusted web content, and has a minor internal metadata mismatch to verify.
This skill looks safe for its stated purpose if you intend to use Tavily. Before installing, verify the publisher/metadata mismatch, provide only a Tavily API key you are comfortable using, avoid sending sensitive queries or private URLs, and treat returned web content as reference material rather than instructions.
Static analysis
No static analysis findings were reported for this release.
VirusTotal
VirusTotal findings are pending for this skill version.
Risk analysis
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or misleading web page could influence the agent if its extracted text is followed as instructions rather than treated as source material.
The skill can print raw content extracted from arbitrary web URLs. That is purpose-aligned, but web content is untrusted and could contain prompt-injection text if an agent treats it as authoritative.
const content = String(r?.raw_content ?? "").trim(); ... console.log(content || "(no content extracted)");
Treat Tavily answers, snippets, and extracted page text as untrusted references; verify important claims before taking action.
Your Tavily account key may be used for searches, which can expose queries to Tavily and consume account quota or credits.
The script reads the Tavily API key from the environment and sends it to Tavily as part of the search request. This is expected for the service and no unrelated credential use is shown.
const apiKey = (process.env.TAVILY_API_KEY ?? "").trim(); ... body = { api_key: apiKey, query: query, ... }
Use a dedicated Tavily key with appropriate limits, keep it out of prompts and logs, and revoke it if you no longer trust the skill.
The package identity may be confusing, making it harder to confirm that this is the intended skill from the intended publisher.
The internal _meta.json ownerId and slug differ from the supplied registry metadata for 'claw-tavily-search-pro'. The included code still appears coherent, but the provenance mismatch is worth verifying.
"ownerId": "kn7azq5e6sw0fbwwzdpcwvvjzd7z0x4z", "slug": "claw-tavily-search"
Confirm the publisher, slug, and source before installing, especially if you rely on a specific maintained Tavily integration.
