images-search

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW
PROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (LOW): The skill defines an interface for processing untrusted data from an external search provider.
      * Ingestion points: API response fields including results[].title, results[].url, and results[].source.
      * Boundary markers: The documentation does not specify the use of delimiters or instructions to ignore embedded content.
      * Capability inventory: The skill enables visual content discovery and metadata retrieval via GET requests to Brave's API.
      * Sanitization: No sanitization or validation of the external content is described in the specification.
      * Risk: An attacker could potentially influence agent reasoning by controlling the metadata (e.g., titles) of indexed images.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 06:44 AM