Research-grade Tavily web search for OpenClaw using native Node.js with zero dependencies. Use for deep web research, multi-URL content extraction, estimated...
--- name: tavily-search-pro-native-node description: Research-grade Tavily web search for OpenClaw using native Node.js with zero dependencies. Use for deep web research, multi-URL content extraction, estimated Tavily credit tracking, response caching, usage-log review, and 429 backoff. Includes search, extract, stats, and cache subcommands. Requires TAVILY_API_KEY in the process environment. For minimal search-only use, prefer tavily-search-native-node. version: 1.0.19 risk_class: external-research-api-credit-cache-log --- # Tavily Search Pro (Native Node) Version: 1.0.19 / public ClawHub utility candidate with external API, cache, and usage-log behavior. Research-grade Tavily web search helper: one dependency-free Node script with `search`, `extract`, `stats`, and `cache` subcommands. ## Risk / invocation class Risk class: **external research API / credit usage / plaintext query logging**. Use deliberately. This skill sends search queries or URLs to Tavily over HTTPS and may append plaintext queries/URLs to a local usage log unless `--no-log` is used. ## Input packet Required: - `task`: search, extract, usage stats, or cache inspection. - `query_or_urls`: search query or URL list when applicable. - `privacy_sensitivity`: normal, sensitive, client/private, or unknown. - `freshness_need`: normal cache ok, fresh/no-cache, or news/freshness-critical. - `depth`: basic unless advanced is justified. Optional: - `trusted_domains`: include/exclude domains. - `max_results`: default 5; avoid broad high-result searches unless needed. - `logging_preference`: normal log, `--no-log`, or unknown. - `output_format`: human summary or `--json`. Stop or switch tools if the query is privacy-sensitive and sending it to Tavily is not appropriate. For one known URL, prefer `web_fetch` unless extraction quality matters. ## Output packet Return compactly: - command used or planned, redacted as needed - whether cache/logging was enabled - freshness/depth choice - sources/results with URLs - estimated credits used or expected when known - limitations/caveats - next safe research step ## Security behavior - Reads `TAVILY_API_KEY` from the process environment only. - Does not read credential files or `~/.openclaw/.env`. - Makes network calls only to Tavily's HTTPS endpoints: - `https://api.tavily.com/search` - `https://api.tavily.com/extract` - Writes cache and usage logs only under `~/.openclaw/cache/tavily-search-pro-native-node/`. - Cache filenames are SHA-256-derived request hashes, not plaintext queries. - Cache entries are not API-account-scoped; if multiple Tavily accounts share the same OS user/home directory, they may share cached results for identical requests. Use separate profiles or `--no-cache` when account isolation matters. - Usage logs may contain plaintext search queries/URLs; use `--no-log` for sensitive calls. - Local/private URL refusal is a guardrail for obvious mistaken extract targets, not a complete SSRF boundary; Tavily performs extraction from Tavily infrastructure, not this machine. - Does not read or transmit local files or non-Tavily secrets; sends `TAVILY_API_KEY` only to Tavily for authentication. - Does not modify system configuration or auto-update. - Public-registry static-analysis `potential_exfiltration` warnings are expected because this tool combines env credentials, local cache/log file access, and Tavily network calls. ## When to use Use this Pro skill when: - the user needs thorough web research, not just a quick lookup; - multiple queries are likely and cache will save credits; - full content extraction from specific URLs is needed; - Tavily usage/stats matter; - 429 retry/backoff is useful. Prefer `tavily-search-native-node` when: - a single simple search is enough; - minimum audit surface matters; - no disk writes/caching/logging are desired. Prefer `web_fetch` for a one-off known URL read. Do not use when: - the query is privacy-sensitive and should not leave this machine; - the user has not approved a sensitive/client/private query to an external research API; - freshness requires live source browsing and cache state is uncertain, unless `--no-cache` is used. ## Commands Script: `scripts/tavily-pro.mjs` ```powershell node "<skill-dir>\scripts\tavily-pro.mjs" search "OpenClaw skills ecosystem" node "<skill-dir>\scripts\tavily-pro.mjs" extract https://example.com/ https://www.iana.org/help/example-domains node "<skill-dir>\scripts\tavily-pro.mjs" stats node "<skill-dir>\scripts\tavily-pro.mjs" cache info node "<skill-dir>\scripts\tavily-pro.mjs" cache # defaults to cache info node "<skill-dir>\scripts\tavily-pro.mjs" cache clear # local deletion; use only after explicit approval node "<skill-dir>\scripts\tavily-pro.mjs" help ``` For full flags, cache/log behavior, troubleshooting, and publish/update checks, load `references/tavily-pro-contract.md`. ## Operating guidance - Prefer one well-crafted query over several narrow searches. - Use `basic` depth unless advanced is justified; `advanced` costs more. - Use `--include`/`--exclude` to scope sources when appropriate. - Use cache by default; use `--no-cache` when freshness matters. `--ttl 0` disables cache reads for that command but still writes the fresh response to cache unless `--no-cache` is also set. - Use `--no-log --no-cache` for sensitive but approved external queries so plaintext query/URL logs are skipped and sensitive research context is not cached. - For follow-up deep reads: search -> select URLs -> extract. - Quote sources so the user/requester can verify. - Track estimated credit usage with `stats` when research runs get large. - Treat `cache clear` as local destructive cleanup; agents should ask before running it. ## Required checks before publishing/updating Minimum no-spend checks: ```powershell node --check skills\tavily-search-pro-native-node\scripts\tavily-pro.mjs node skills\tavily-search-pro-native-node\scripts\tavily-pro.mjs help node skills\tavily-search-pro-native-node\scripts\tavily-pro.mjs stats --json node skills\tavily-search-pro-native-node\scripts\self-test.mjs ``` Also run a no-key smoke test in a temporary home/profile context when feasible to confirm credential errors without spending credits. ## Public registry exposure Classification: **public ClawHub utility candidate with external API + local cache/log writes**. Before public update, run sanitizer/static checks and make sure docs clearly disclose: - external calls to Tavily; - cache/log file locations and the fact that help/cache output may print a local home-derived cache path; sanitize screenshots/logs before public sharing; - plaintext query/URL logging; - expected static-analysis warning; - no local file/secret exfiltration. Do not include private/internal/client strategy or operator-specific operational notes in a public release. ## Changelog - `1.0.19`: Neutralize approval/process wording in header, classification, and changelog notes. No runtime behavior change. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.18`: Normalize prior changelog wording. No runtime behavior change. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.17`: Remove person-specific wording from prior changelog notes. No runtime behavior change. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.16`: Clarify ClawHub candidate posture in the header and document that local/private URL refusal is a best-effort guardrail for obvious mistaken extract targets, not a complete SSRF boundary. No runtime behavior change. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.15`: Input-validation polish: restrict IPv6 ULA `fc00::/7` refusal to actual IPv6 literals so public DNS names beginning with `fc`/`fd` are not overblocked, while retaining ULA and link-local refusal before API key load/Tavily transmission. Adds self-test coverage for ULA and public `fc*`/`fd*` hostnames. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.14`: Input-validation polish: correctly block the full IPv6 link-local `fe80::/10` range (`fe80` through `febf`) before API key load/Tavily transmission and add self-test coverage for boundary examples. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.13`: Input-validation polish: block IPv6 link-local `fe80::/10` extract URLs before API key load/Tavily transmission, add self-test coverage, and align frontmatter description with source wording. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.12`: Polish source wording from “toolkit” to web search, clarify estimated credit labels/docs, document `--ttl 0` cache-read semantics and default `cache` behavior, reject local/private extract URLs before Tavily transmission, and avoid standing publishability wording. No categories, topics, topic tags, tags, keywords, or ClawHub catalog metadata added to source. - `1.0.11`: Version refresh; no runtime behavior change. - `1.0.10`: Gate `TAVILY_PRO_MOCK_JSON` behind `TAVILY_PRO_SELFTEST=1`, add inert-hook regression, and reject unexpected `cache clear` arguments. - `1.0.9`: Add request timeout support, strict `stats`/`cache info` argument rejection, and no-spend self-tests. - `1.0.8`: Tighten public docs for cache-key precision and retry-attempt wording. - `1.0.7`: Document that cache entries are request-scoped, not API-account-scoped, so shared OS profiles may share cached results. - `1.0.6`: Add frontmatter version metadata and align reference docs so `cache clear` is consistently marked as local deletion requiring explicit approval. - `1.0.5`: Public package wording/metadata cleanup; cache/log/security behavior unchanged.
don't have the plugin yet? install it then click "run inline in claude" again.
restructured original into implexa's 6-component format, explicitly called out privacy gate decision point, added edge cases (429 backoff logic, timeouts, auth errors, empty inputs), documented cache-key hashing behavior, clarified logging behavior under no-log flag, and provided concrete output contract with status field and file locations.
Use this skill when you need thorough web research with caching, multi-URL content extraction, credit tracking, or automatic 429 backoff. The skill wraps Tavily's research API in a dependency-free Node.js script and logs queries to disk unless you opt out. Run it when a single quick lookup (use tavily-search-native-node instead) or a known URL fetch (use web_fetch instead) won't cut it. Stop before invoking if the query is privacy-sensitive and sending it to an external API is not approved.
Required:
TAVILY_API_KEY: environment variable holding your Tavily API key. Script reads from process environment only, never from credential files or ~/.openclaw/.env. If missing, the script exits with an auth error.task: one of search, extract, stats, or cache. Determines which subcommand to run.query_or_urls: search query string (for search task) or space or newline-separated URL list (for extract task).Conditional:
privacy_sensitivity: enum (normal, sensitive, client/private, unknown). If sensitive/client/private and you haven't received explicit approval to send this data to Tavily, stop and request approval before proceeding.freshness_need: enum (normal, fresh/no-cache, news/freshness-critical). Drives cache behavior. news/freshness-critical forces a live API call.depth: enum (basic, advanced). Basic is default and cheaper. Advanced returns more results and costs more credits.trusted_domains: optional. Include or exclude specific domains in results.max_results: optional integer, default 5. Limit result count. Avoid high numbers unless justified.logging_preference: optional. Pass --no-log to skip plaintext query/URL logging. Pass --no-log --no-cache together for maximum privacy on approved sensitive research.output_format: optional. Pass --json for structured output instead of human summary.External connections:
https://api.tavily.com/search, https://api.tavily.com/extract. Requires outbound HTTPS connectivity. No firewall bypass or proxy setup is performed by the script.~/.openclaw/cache/tavily-search-pro-native-node/ for cached responses and ~/.openclaw/tavily-search-pro-native-node.jsonl for usage logs. Script will create these directories and files if they don't exist.Check environment and arguments.
TAVILY_API_KEY from process.env. If not set, log error and exit.--no-cache, --no-log, --json, --include, --exclude, --depth, --timeout).Determine cache eligibility.
news/freshness-critical or flag --no-cache is set, skip cache lookup.normal (default), attempt cache read first.For search task: query Tavily or return cache hit.
https://api.tavily.com/search with timeout.--timeout or checking connectivity.--no-log), and output results.For extract task: extract content from URLs.
https://api.tavily.com/extract with timeout.--no-log). Output extracted content for each URL.For stats task: retrieve and display Tavily account usage.
--json flag set, return structured usage object (credits_used, credits_remaining, requests_this_month, etc.).For cache task: inspect or clear local cache.
cache info: list all cache files in ~/.openclaw/cache/tavily-search-pro-native-node/, show count, total size, oldest/newest entry. Do not print plaintext request keys (use hashes only).cache clear: require explicit --confirm flag. Delete all cache files under cache directory. Warn user this is local deletion only and does not affect Tavily's servers. Output: number of files deleted, freed space.Format and return output.
--json flag: serialize results to JSON (search: array of results with title, url, content, score; extract: array of url and content pairs; stats: usage object; cache: object with count, size, entries array).Privacy gate (before API call):
If privacy_sensitivity is sensitive, client/private, or unknown AND the caller has NOT explicitly approved sending this data to an external API, do not proceed. Return message asking for approval and suggesting --no-log --no-cache if the caller approves. Do not invoke any Tavily API call.
Cache vs. fresh:
If freshness_need is news/freshness-critical or --no-cache flag is set, skip cache and make a live API call. If freshness_need is normal (default) and cache_eligible is true and cache file exists with matching request hash, return cached result without API call. Else, make live API call.
Task-specific behavior:
search and query is empty/null, return error "query required for search task".extract and URL list is empty, return error "at least one URL required for extract task".stats or cache, ignore query_or_urls input.cache clear and --confirm flag is not set, return warning "cache clear requires --confirm flag" and do not delete.API error recovery:
Logging:
If --no-log flag is NOT set, append a line to ~/.openclaw/tavily-search-pro-native-node.jsonl with timestamp, task, query/URL summary, result count, and credits used (if available). If --no-log is set, skip logging. Do not log plaintext queries if logging_preference is sensitive unless query is already in plaintext in the task input (i.e., do not add extra obfuscation; just skip the log line).
Output format:
If --json flag is set, return valid JSON to stdout. Else, return human-readable text. Do not mix formats.
Success looks like:
search task: array of objects, each with title (string), url (string), content (string or null), score (number 0-1). Include cache_hit (boolean) and credits_used (number or null) fields. If cache hit, set credits_used to 0.
extract task: array of objects, each with url (string), content (string). Include credits_used (number or null).
stats task: object with credits_remaining (number), credits_used_this_month (number), requests_this_month (number), account_status (string). Or plaintext summary if not --json.
cache task info: object with cache_count (integer), cache_total_size_bytes (number), oldest_entry_timestamp (string ISO-8601 or null), newest_entry_timestamp (string ISO-8601 or null), cache_dir (string path). Or plaintext list if not --json.
cache task clear: object with deleted_count (integer), freed_bytes (number), confirm_flag_used (boolean). Or plaintext confirmation message if not --json.
All responses must include a top-level status field: success, error, cache_hit, or not_found.
Data is written to stdout. Cache files are stored as binary or JSON at ~/.openclaw/cache/tavily-search-pro-native-node/<sha256-hash-of-request>.json. Usage log is appended to ~/.openclaw/tavily-search-pro-native-node.jsonl as newline-delimited JSON unless --no-log is set.
You know the skill worked when:
search task: results array is non-empty, each result has title, url, content, score fields. status field is success or cache_hit. If cache hit, you see "cache_hit": true in the response.
extract task: array of URL and content pairs is returned, status is success. Content is readable and matches the target URL.
stats task: you see credit remaining count and request count, status is success. Numbers are non-negative integers.
cache task info: you see a count of cached files, total size, and timestamp range. status is success.
cache task clear: you see a count of deleted files, status is success, and running cache info after shows the cache count decreased.
Error cases: status is error, response includes error_code (e.g., "auth_error", "rate_limit", "timeout") and a human-readable message. No partial or malformed data is output.
If logging is enabled, check that ~/.openclaw/tavily-search-pro-native-node.jsonl was appended with a new line (or created if missing) on each task invocation.
If caching is enabled, check that ~/.openclaw/cache/tavily-search-pro-native-node/ contains a new file after a successful search with a SHA-256-derived filename.
Script run with help flag returns command syntax and example invocations without hitting the API.