ClawHub

Brave Search CLI (bx)

Security checks across malware telemetry and agentic risk

Overview

This is a disclosed Brave Search CLI skill that routes web-search tasks through Brave, with ordinary privacy and installer cautions but no evidence of hidden or malicious behavior.

Install this if you want Brave Search CLI to be the agent's preferred web-search path. Use a dedicated Brave Search API key, avoid putting secrets or confidential text into search queries, be cautious with precise location searches, and inspect or verify the remote installer or binary source before installation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Vague Triggers

Medium
Confidence
93% confidence
Finding
The skill description and directive are extremely broad, instructing the agent to use this skill for essentially all requests involving external/current information and to prefer it over the built-in search tool. This can cause unintended invocation and unnecessary transmission of user queries, increasing privacy risk and making it easier for benign prompts to be routed to an external service without clear user awareness.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The documentation explains how to use Brave Search but does not clearly warn that user queries and potentially embedded context are sent to an external third-party service. In an agent setting, this omission can lead to unintentional disclosure of sensitive prompts, internal troubleshooting details, or proprietary text used for grounding.

Missing User Warnings

Medium
Confidence
96% confidence
Finding
The examples demonstrate sending latitude/longitude and city information to the external search service without any privacy warning. Exact coordinates and place lookups can reveal a user's current or inferred location, which is particularly sensitive in agent workflows where such parameters may be assembled automatically from user context.

VirusTotal

VirusTotal findings are pending for this skill version.

View on VirusTotal