tavily

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt contains examples that embed API keys directly in code and CLI flags (e.g., api_key="tvly-..." and --api-key "tvly-..."), encouraging the agent to output secrets verbatim instead of using environment variables or secure auth flow.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill explicitly queries the public Tavily search API (SKILL.md and references/api-reference.md) and scripts/tavily_search.py fetches/extracts third‑party web content (including cleaned HTML via --raw-content and returned result["content"]/raw_content and AI-generated answers) which the agent is expected to read and use in its workflow, so untrusted web content can directly influence its actions.