brave-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external data which could contain malicious instructions designed to influence the agent's behavior.
- Ingestion points: Web search results from
scripts/searchand page content fromscripts/contententer the agent context. - Boundary markers: The skill uses simple text delimiters (e.g., '--- Result 1 ---') to separate content, which provides minimal protection against adversarial input.
- Capability inventory: The skill is designed for reading and extraction; no dangerous write or execution capabilities were identified in the provided documentation.
- Sanitization: There is no evidence of sanitization or filtering of fetched content to prevent instructions from being interpreted by the LLM.
Audit Metadata