brave-search
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill configuration instructions include downloading and running the @brave/search-mcp package via npx. This is an official package provided by Brave Software, a well-known and trusted service provider.
- [PROMPT_INJECTION]: The skill ingests untrusted data from web search results, which could potentially contain malicious instructions (indirect prompt injection).
- Ingestion points: Results from Brave Web, News, Summarizer, Video, and Image search tools.
- Boundary markers: None mentioned in the processing logic to distinguish between instructions and data.
- Capability inventory: Limited to the specified MCP search tools; the skill itself does not have access to file writing, arbitrary command execution, or other dangerous capabilities.
- Sanitization: No explicit sanitization or filtering of search result content is performed.
Audit Metadata