Skills
skills/brightdata/opencode-brightdata/brightdata-cli/Gen Agent Trust Hub

brightdata-cli

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEREMOTE_CODE_EXECUTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation instructions include fetching and executing a shell script from the vendor's official domain: curl -fsSL https://cli.brightdata.com/install.sh | bash. This is a standard installation method provided by the author.
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the @brightdata/cli package via the npm registry for standard cross-platform installation.
  • [COMMAND_EXECUTION]: The skill's functionality is centered around executing bdata and brightdata shell commands to interact with the vendor's web data platform.
  • [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection as it ingests untrusted data from the web.
  • Ingestion points: bdata scrape, bdata search, and bdata pipelines commands fetch external content from arbitrary URLs into the agent context.
  • Boundary markers: The instructions do not define specific markers or delimiters to isolate scraped content from agent instructions.
  • Capability inventory: The skill utilizes shell command execution and file system writes (-o flag) to handle data.
  • Sanitization: There is no evidence of content sanitization or filtering for the data retrieved from external URLs before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 02:18 PM
Security Audit — agent-trust-hub — brightdata-cli