tavily-research
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [DATA_EXFILTRATION]: The skill uses
curlto make network requests toapi.tavily.com. This is the intended behavior for interacting with the Tavily API to perform research tasks. - [CREDENTIALS_UNSAFE]: No hardcoded secrets were detected. The instructions correctly advise users to store their
TAVILY_API_KEYin an environment variable within a local configuration file (~/.openclaw/.env.local). - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests and processes content retrieved from the web via the Tavily API.
- Ingestion points: Data enters the agent's context from the
reportandsourcesfields of theapi.tavily.comresponse. - Boundary markers: The skill does not define specific markers or instructions to delimit or ignore potential commands within the retrieved content.
- Capability inventory: The skill is limited to making network requests via
curl; it does not have capabilities for file system modification or arbitrary command execution. - Sanitization: There is no evidence of sanitization or filtering applied to the external content before it is processed by the agent.
Audit Metadata