tavily-search
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill facilitates network communication with
api.tavily.com, which is a recognized service for AI-enhanced search. It transmits only the user-provided query and the associated API key. - [SAFE]: Configuration of the
TAVILY_API_KEYis handled via environment variables or.envfiles located in the user's home directory (~/.openclaw/.env), which is the standard and recommended practice for local secret management. - [SAFE]: No external dependencies are required or installed. The logic in
scripts/search.pyuses only Python's built-in modules, eliminating risks associated with malicious third-party packages. - [SAFE]: The skill processes untrusted web content (search results), which represents a surface for indirect prompt injection. However, the risk is mitigated as the skill lacks high-risk capabilities such as file system writing or arbitrary command execution.
- Ingestion points: Data enters the agent context from the Tavily API response in
scripts/search.py. - Boundary markers: The script does not utilize specific delimiters to separate untrusted search content from instructions.
- Capability inventory: The skill's capabilities are restricted to network requests and standard output; it does not perform any file system or subprocess operations.
- Sanitization: Content is retrieved and displayed without specific sanitization or filtering.
Audit Metadata