web-search-brave
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill correctly manages credentials by requiring the BRAVE_API_KEY environment variable, avoiding hardcoded secrets within the source code.
- [SAFE]: Network access is strictly constrained to the official Brave Search API domain (api.search.brave.com) via Deno's --allow-net flag.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it retrieves and processes untrusted data from the web. * Ingestion points: Search results from the Brave Search API in scripts/search.ts. * Boundary markers: No delimiters or instructions to ignore embedded commands are included in the search result output. * Capability inventory: The script's permissions are limited to environment variables and a specific network domain. * Sanitization: The skill does not sanitize search result descriptions or snippets for adversarial prompt content.
Audit Metadata