tavily-research

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill uses curl to make network requests to api.tavily.com. This is the intended behavior for interacting with the Tavily API to perform research tasks.
  • [CREDENTIALS_UNSAFE]: No hardcoded secrets were detected. The instructions correctly advise users to store their TAVILY_API_KEY in an environment variable within a local configuration file (~/.openclaw/.env.local).
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface because it ingests and processes content retrieved from the web via the Tavily API.
  • Ingestion points: Data enters the agent's context from the report and sources fields of the api.tavily.com response.
  • Boundary markers: The skill does not define specific markers or instructions to delimit or ignore potential commands within the retrieved content.
  • Capability inventory: The skill is limited to making network requests via curl; it does not have capabilities for file system modification or arbitrary command execution.
  • Sanitization: There is no evidence of sanitization or filtering applied to the external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 06:06 AM
Security Audit — agent-trust-hub — tavily-research