tavily-key-generator-proxy
Auto batch-register Tavily API keys via browser automation and pool them behind a unified proxy gateway with web console
How do I install this agent skill?
npx skills add https://github.com/aradotso/trending-skills --skill tavily-key-generator-proxyIs this agent skill safe to install?
- Gen Agent Trust Hubfail
The skill requires downloading and executing code from an unverified third-party GitHub repository. It also employs subprocess execution to run local scripts based on network triggers, which can lead to remote code execution if the source repository is compromised or contains malicious logic.
- Socketpass
No alerts
- Snykfail
Risk: CRITICAL · 5 issues
- Runlayerfail
1/1 file flagged
- ZeroLeakspass
1 finding · Score: 82/100
What does this agent skill do?
Tavily Key Generator + API Proxy
Skill by ara.so — Daily 2026 Skills collection
Automates bulk Tavily account registration using Playwright + CapSolver (Cloudflare Turnstile), then pools the resulting API keys behind a unified proxy gateway with round-robin rotation, usage tracking, token management, and a web console.
What It Does
| Component | Location | Purpose |
|---|---|---|
| Key Generator | root / | Playwright-driven headless Firefox registers Tavily accounts, solves Turnstile CAPTCHAs, verifies email, extracts API key |
| API Proxy | proxy/ | FastAPI service that round-robins requests across pooled keys, exposes /api/search and /api/extract, serves web console at /console |
Each free Tavily account yields 1,000 API calls/month. The proxy aggregates quota: 10 keys = 10,000 calls/month via one endpoint.
Installation
Key Generator
git clone https://github.com/skernelx/tavily-key-generator.git
cd tavily-key-generator
pip install -r requirements.txt
playwright install firefox
cp config.example.py config.py
# Edit config.py with your CapSolver key and email backend
python main.py
API Proxy (Docker — recommended)
cd proxy/
cp .env.example .env
# Set ADMIN_PASSWORD in .env
docker compose up -d
# Console at http://localhost:9874/console
Configuration (config.py)
CAPTCHA Solver (required)
# CapSolver — recommended (~$0.001/solve, high success rate)
CAPTCHA_SOLVER = "capsolver"
CAPSOLVER_API_KEY = "CAP-..." # from capsolver.com
# Browser click fallback — free but low success rate
CAPTCHA_SOLVER = "browser"
Email Backend (required — pick one)
Option A: Cloudflare Email Worker (self-hosted, free)
EMAIL_BACKEND = "cloudflare"
EMAIL_DOMAIN = "mail.yourdomain.com"
EMAIL_API_URL = "https://mail.yourdomain.com"
EMAIL_API_TOKEN = "your-worker-token"
Option B: DuckMail (third-party temporary email)
EMAIL_BACKEND = "duckmail"
DUCKMAIL_API_BASE = "https://api.duckmail.sbs"
DUCKMAIL_BEARER = "dk_..."
DUCKMAIL_DOMAIN = "duckmail.sbs"
If both backends are configured, the CLI prompts you to choose at runtime.
Registration Throttle (anti-ban)
THREADS = 2 # Max 3 — more = higher ban risk
COOLDOWN_BASE = 45 # Seconds between registrations
COOLDOWN_JITTER = 15 # Random additional seconds
BATCH_LIMIT = 20 # Pause after this many registrations
Auto-upload to Proxy (optional)
PROXY_AUTO_UPLOAD = True
PROXY_URL = "http://localhost:9874"
PROXY_ADMIN_PASSWORD = "your-admin-password"
Running the Key Generator
python main.py
# Prompts: how many keys to generate, which email backend
# Output: api_keys.md with all generated keys
# If PROXY_AUTO_UPLOAD=True, keys are pushed to proxy automatically
Generated api_keys.md format (used for bulk import into proxy):
tvly-abc123...
tvly-def456...
tvly-ghi789...
API Proxy Usage
Calling the Proxy (drop-in Tavily replacement)
# Search — replace base URL only
curl -X POST http://your-server:9874/api/search \
-H "Authorization: Bearer tvly-YOUR_PROXY_TOKEN" \
-H "Content-Type: application/json" \
-d '{"query": "latest AI news", "search_depth": "basic"}'
# Extract
curl -X POST http://your-server:9874/api/extract \
-H "Authorization: Bearer tvly-YOUR_PROXY_TOKEN" \
-H "Content-Type: application/json" \
-d '{"urls": ["https://example.com/article"]}'
Token can also be passed in the request body as api_key (Tavily SDK compatible):
import requests
response = requests.post(
"http://your-server:9874/api/search",
json={
"query": "Python web scraping",
"api_key": "tvly-YOUR_PROXY_TOKEN"
}
)
print(response.json())
Python SDK Integration
from tavily import TavilyClient
# Point SDK at your proxy — no other changes needed
client = TavilyClient(
api_key="tvly-YOUR_PROXY_TOKEN",
base_url="http://your-server:9874"
)
results = client.search("machine learning trends 2025")
Admin API Reference
All admin endpoints require header: X-Admin-Password: your-password
Keys Management
# List all keys
curl http://localhost:9874/api/keys \
-H "X-Admin-Password: secret"
# Add a single key
curl -X POST http://localhost:9874/api/keys \
-H "X-Admin-Password: secret" \
-H "Content-Type: application/json" \
-d '{"key": "tvly-abc123..."}'
# Bulk import from api_keys.md text
curl -X POST http://localhost:9874/api/keys \
-H "X-Admin-Password: secret" \
-H "Content-Type: application/json" \
-d '{"bulk": "tvly-abc...\ntvly-def...\ntvly-ghi..."}'
# Toggle key enabled/disabled
curl -X PUT http://localhost:9874/api/keys/{id}/toggle \
-H "X-Admin-Password: secret"
# Delete key
curl -X DELETE http://localhost:9874/api/keys/{id} \
-H "X-Admin-Password: secret"
Token Management
# Create access token
curl -X POST http://localhost:9874/api/tokens \
-H "X-Admin-Password: secret" \
-H "Content-Type: application/json" \
-d '{"label": "my-app"}'
# Returns: {"token": "tvly-...", "id": "..."}
# List tokens
curl http://localhost:9874/api/tokens \
-H "X-Admin-Password: secret"
# Delete token
curl -X DELETE http://localhost:9874/api/tokens/{id} \
-H "X-Admin-Password: secret"
Stats
curl http://localhost:9874/api/stats \
-H "X-Admin-Password: secret"
# Returns: total_quota, used, remaining, active_keys, disabled_keys
Change Admin Password
curl -X PUT http://localhost:9874/api/password \
-H "X-Admin-Password: current-password" \
-H "Content-Type: application/json" \
-d '{"new_password": "new-secure-password"}'
Proxy Behavior
- Round-robin: requests distributed evenly across active keys
- Auto-disable: key disabled after 3 consecutive failures
- Quota tracking: total = active_keys × 1,000/month; updates automatically on add/delete/toggle
- Token format: proxy tokens use
tvly-prefix, indistinguishable from real Tavily keys to clients
Proxy .env Configuration
ADMIN_PASSWORD=change-this-immediately
PORT=9874
# Optional: restrict CORS origins
CORS_ORIGINS=https://myapp.com,https://app2.com
Nginx Reverse Proxy + HTTPS
server {
listen 443 ssl;
server_name tavily-proxy.yourdomain.com;
ssl_certificate /etc/letsencrypt/live/yourdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/yourdomain.com/privkey.pem;
location / {
proxy_pass http://127.0.0.1:9874;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Integration Pattern: Auto-replenish Pool
# replenish.py — run on cron when quota runs low
import requests
PROXY_URL = "http://localhost:9874"
ADMIN_PASSWORD = "your-password"
MIN_ACTIVE_KEYS = 10
def get_stats():
r = requests.get(f"{PROXY_URL}/api/stats",
headers={"X-Admin-Password": ADMIN_PASSWORD})
return r.json()
def trigger_registration(count: int):
"""Call your key generator as subprocess or import directly"""
import subprocess
subprocess.run(["python", "main.py", "--count", str(count)], check=True)
stats = get_stats()
active = stats["active_keys"]
if active < MIN_ACTIVE_KEYS:
needed = MIN_ACTIVE_KEYS - active
print(f"Pool low ({active} keys), registering {needed} more...")
trigger_registration(needed)
Troubleshooting
| Problem | Cause | Fix |
|---|---|---|
| CAPTCHA solve failures | Tavily elevated bot detection | Pause several hours, reduce THREADS to 1 |
| Email verification timeout | Slow email delivery | Increase poll timeout in config |
| Keys immediately disabled in proxy | Tavily account flagged/suspended | Register from different IP |
playwright install firefox fails | Missing system deps | Run playwright install-deps firefox first |
| Docker compose port conflict | 9874 in use | Change PORT in .env and docker-compose.yml |
X-Admin-Password 401 | Wrong password | Check .env, restart container after changes |
| IP ban during registration | Too many registrations | Use BATCH_LIMIT=10, wait hours between batches |
Rate Limit Safe Settings
# Conservative — minimizes ban risk
THREADS = 1
COOLDOWN_BASE = 60
COOLDOWN_JITTER = 30
BATCH_LIMIT = 10
Security Checklist
- Change
ADMIN_PASSWORDfrom default immediately after deploy - Add
config.pyto.gitignore(already included, verify before push) - Deploy behind HTTPS in production
- Rotate proxy tokens periodically
- Never commit
api_keys.mdto public repositories
How can the creator link this skill?
Add the canonical catalog link to the repository README so users can inspect current installs and available audits. The publishing guide covers the complete discovery path.
<a href="https://skillzs.dev/skills/aradotso/trending-skills/tavily-key-generator-proxy">View tavily-key-generator-proxy on skillZs</a>