tavily-best-practices

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The prompt includes explicit examples that embed an API key as a literal string (e.g., client = TavilyClient(api_key="tvly-YOUR_API_KEY") and adding the key to a settings.json), which encourages placing secrets directly into code/config and may cause an LLM to output secret values verbatim.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill's API and examples (e.g., search(..., include_raw_content=True), extract(urls=[...]), crawl(url="https://..."), and research() which "automatic[ally] source[s]" and returns raw_content/sources) explicitly fetch and ingest arbitrary public web pages and user-generated content, so the agent will read untrusted third-party content as part of its workflow.