Security audit

Double search (Tavily + Kimi)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed dual search helper that sends searches to Tavily and Kimi/Moonshot, with privacy caveats but no evidence of hidden theft or destructive behavior.

Install only if you are comfortable sending search queries to Tavily and Moonshot/Kimi and using API keys for those providers. Do not submit secrets, private internal text, regulated data, or personal information as search queries unless those providers are approved for that data. Review install.sh before running it, especially because it can print partial key prefixes and run a networked test query.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least Privilege: Underdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (5)

Lp3

Medium
Category
MCP Least Privilege
Confidence
90% confidence
Finding
The skill declares required environment variables and clearly intends to make outbound network requests, but there is no explicit permissions declaration covering those capabilities. That creates a transparency and policy-enforcement gap: users or the host platform may not realize the skill can access secrets and send data externally. In a search skill, this is especially relevant because API keys and user queries are sensitive and should be governed by explicit capability declarations.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The README documents sending user queries to Tavily and Kimi in parallel but does not clearly warn that user input will be transmitted to third-party services. In an agent skill context, users may submit sensitive prompts, internal data, or proprietary questions, so missing disclosure can cause unintended data exposure and privacy/compliance issues.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The documentation describes search functionality but does not clearly warn users that their queries will be transmitted to external third-party services, Tavily and Kimi. This creates a privacy risk because users may submit proprietary, personal, or otherwise sensitive prompts under the assumption that processing is local. In the context of a search skill, external transmission is inherent, so explicit disclosure is necessary.

Missing User Warnings

Medium
Confidence
88% confidence
Finding
User-supplied search queries are sent to Tavily, an external third-party service, without any visible consent flow, warning, or data-handling disclosure. If users enter sensitive prompts, internal names, or proprietary information, that data leaves the local environment and may be logged or retained by the provider.

Missing User Warnings

Medium
Confidence
89% confidence
Finding
The skill forwards search input to the Kimi/Moonshot API without explicit notice that the content is being sent off-box. This creates data exposure risk if a user assumes the query stays local and includes confidential, regulated, or personal information.

VirusTotal

64/64 vendors flagged this skill as clean.

Static analysis

No suspicious patterns detected.