brave-search
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION, CREDENTIALS_UNSAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes curl for API interaction and jq for processing structured search results.
- [EXTERNAL_DOWNLOADS]: Information is retrieved from Brave's legitimate API endpoints and documentation sites, such as api.search.brave.com and brave.com.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from web search results.
  - Ingestion points: Search results (titles, descriptions, URLs) from api.search.brave.com as referenced in SKILL.md.
  - Boundary markers: No delimiters or ignore instructions are present for the external search data.
  - Capability inventory: Shell command execution via curl and jq is demonstrated in SKILL.md.
  - Sanitization: There is no evidence of sanitization or validation of the search result content.
- [CREDENTIALS_UNSAFE]: The skill correctly instructs users to provide the API key through an environment variable (BRAVE_API_KEY) and uses it via a header, which is an appropriate method for handling secrets.
Audit Metadata