brave-search

SUSPICIOUS. The stated purpose is benign, but the footprint is underspecified: it depends on unrelated third-party tools and an unexplained local executable instead of clearly using Brave’s official API path. No direct credential theft or exfiltration is evident, but install/execution trust and untrusted-content handling make this a medium-risk skill.