brave-search

Benign. The Brave Search skill aligns with its stated purpose of performing Brave API-backed web searches and optional content extraction from user-provided URLs. It uses standard registry provisioning (npm) and relies on an environment-supplied API key — proportionate to its task. Primary security considerations are ensuring the API key is not leaked in logs and that user-provided URLs/content are handled securely, but there is no evidence of credential harvesting, malware, or unsafe third-party data forwarding beyond the expected endpoints.