🔍 惠迈 Smart Search

Security checks across malware telemetry and agentic risk

Overview

This Tavily search skill is a disclosed third-party API integration that sends user-directed searches, URLs, and research prompts to Tavily using a user-provided API key.

Install only if you are comfortable using Tavily as a third-party processor for searches, URLs, extracted page content, and research prompts. Store the API key in the environment or a secret manager, do not paste secrets into queries, and avoid sending confidential or internal-only URLs unless you have approval.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Tool Poisoning: Hidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (6)

Intent-Code Divergence

Medium
Confidence
97% confidence
Finding
The OpenAPI document declares `security: []` at the top level, which means no authentication by default, while the specific endpoint later requires `bearerAuth`. This inconsistency can cause generated clients, agents, or security tooling to mis-handle authentication, leading to accidental unauthenticated requests, auth bypass assumptions, or incorrect exposure of an authenticated capability.

Missing User Warnings

Medium
Confidence
86% confidence
Finding
The documentation encourages sending arbitrary URLs to a third-party extraction API but does not warn that requested content and target URLs are transmitted to an external service. In an agent setting, this can lead to unintended disclosure of sensitive internal URLs, user-provided private links, or regulated data if callers treat extraction as local processing.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The documentation describes a research feature that sends user-provided input to Tavily for processing but does not clearly warn that prompts and potentially sensitive content are transmitted to a third-party service. In an agent skill context, this can lead to unintentional disclosure of secrets, personal data, or internal business information because users or calling agents may assume processing is local or implicitly safe.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The skill documentation explicitly directs agents to send user search queries, and optionally fetched page content, to Tavily's external API without any user-facing notice, consent gating, or data minimization guidance. In an agent setting, this can cause inadvertent disclosure of sensitive prompts, internal URLs, or extracted content to a third party, making the issue more dangerous than ordinary API docs because the skill is designed for automated use.

External Transmission

Medium
Category
Data Exfiltration
Content
optimized for LLMs.
  version: 1.0.0
servers:
  - url: https://api.tavily.com/
security: []
tags:
  - name: Search
Confidence
80% confidence
Finding
https://api.tavily.com/

External Transmission

Medium
Category
Data Exfiltration
Content
optimized for LLMs.
  version: 1.0.0
servers:
  - url: https://api.tavily.com/
security: []
tags:
  - name: Search
Confidence
91% confidence
Finding
https://api.tavily.com/

VirusTotal

66/66 vendors flagged this skill as clean.
