bright-data-mcp
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (SAFE): The skill directs users to download and install the
@brightdata/mcppackage from npm. Bright Data is a recognized provider, and this is a standard installation procedure for an MCP server. - [COMMAND_EXECUTION] (LOW): The skill provides command-line instructions for installing and running the server locally (
npm install -g,npx @brightdata/mcp). These commands are necessary for the skill's primary purpose but involve local execution. No high-risk command injection patterns were found. - [DATA_EXPOSURE & EXFILTRATION] (SAFE): The skill handles API tokens for the Bright Data service. It correctly uses placeholders (
<YOUR_BRIGHTDATA_API_TOKEN>,YOUR_TOKEN) rather than hardcoding credentials. The network operations (connecting tomcp.brightdata.com) are the primary function of the skill. - [INDIRECT PROMPT INJECTION] (LOW): The skill implements various scraping and extraction tools (e.g.,
scrape_as_markdown,extract,web_data_*). These tools ingest untrusted content from the web and present it to the agent, creating a surface for indirect prompt injection. - Ingestion points: Tools like
scrape_as_markdownandscraping_browser_get_textinreferences/mcp-tools.md. - Boundary markers: Not explicitly mentioned in the provided reference files.
- Capability inventory: The skill allows for browser automation (
scraping_browser_*) and structured data extraction. - Sanitization: Not specified; standard LLM guardrails are expected to apply to processed data.
Audit Metadata