bx
Warn
Audited by Snyk on Apr 8, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 1.00). The skill's default
bx "query"(context) and commands likebx web,bx news, andbx web --result-filter discussionsfetch and return pre-extracted content from open public websites, news, and forums (Brave Search API / arbitrary URLs) which the agent is explicitly instructed to read and use for RAG/grounding and synthesized answers, so untrusted third‑party content can directly influence decisions and tool actions.
MEDIUM W012: Unverifiable external dependency detected (runtime URL that controls agent).
- Potentially malicious external URL detected (high risk: 1.00). The skill's installation step runs remote code via curl -fsSL https://raw.githubusercontent.com/brave/brave-search-cli/main/scripts/install.sh | sh, which fetches and executes a remote install script and is presented as a required dependency for obtaining the bx binary.
Issues (2)
W011
MEDIUMThird-party content exposure detected (indirect prompt injection risk).
W012
MEDIUMUnverifiable external dependency detected (runtime URL that controls agent).
Audit Metadata