Skills
skills/davila7/claude-code-templates/brightdata-local-search/Gen Agent Trust Hub

brightdata-local-search

Warn

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the user to clone an external repository from GitHub (https://github.com/yaronbeen/unfancy-search.git) to provide the search functionality.
  • [REMOTE_CODE_EXECUTION]: The setup process executes external code locally via pnpm install and pnpm dev commands.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external search results, creating an indirect prompt injection surface.
  • Ingestion points: Search results from Bright Data SERP API.
  • Boundary markers: Absent; no delimiters are used to wrap untrusted content.
  • Capability inventory: The agent interacts with the search server using network tools like curl.
  • Sanitization: Absent; content from search results is not validated or sanitized before being processed.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 21, 2026, 07:07 AM