brave-search
Pass
Audited by Gen Agent Trust Hub on Mar 31, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes external CLI tools scrapling and sd to perform search queries and filter output results.
- [PROMPT_INJECTION]: Susceptible to indirect prompt injection as it processes untrusted data from web search results. 1. Ingestion points: Fetches content from brave.com in the brave-search script. 2. Boundary markers: Absent. No delimiters or warnings are used to separate fetched content from agent instructions. 3. Capability inventory: The script performs network fetches via scrapling and local processing via sd. 4. Sanitization: Absent. No filtering of potential malicious instructions within the fetched text is performed.
Audit Metadata