ClawHub

Brave Api Search

Security checks across malware telemetry and agentic risk

Overview

This Brave search skill appears purpose-aligned, but it needs review because user input is inserted into shell-like command templates and search data is sent to Brave with limited upfront privacy scoping.

Review before installing. Use only if you are comfortable sending searches, answer prompts, and any location context to Brave using your API keys. Avoid secrets or regulated data in queries, and prefer an OpenClaw runtime that executes tool commands with argv-style escaping rather than raw shell interpolation.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • MCP Tool PoisoningHidden Instructions, Unicode Deception, Parameter Description Injection
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
91% confidence
Finding
The skill clearly requires environment-variable secrets and makes outbound network requests, yet it does not declare those capabilities as permissions. This weakens transparency and policy enforcement because users and platforms cannot easily understand that queries and API keys will be used externally.

Tp4

High
Category
MCP Tool Poisoning
Confidence
84% confidence
Finding
The top-level description understates the actual behavior by omitting additional APIs, geo-targeted headers, and extra environment keys. Description/behavior drift is dangerous because it can mislead reviewers and users about data flows, required secrets, and external processing of user input.

Missing User Warnings

Medium
Confidence
93% confidence
Finding
The skill description does not prominently warn that user queries are transmitted to Brave's external API service. This matters because search queries may contain sensitive or regulated information, and users may assume local processing if the privacy boundary is not made explicit.

VirusTotal

65/65 vendors flagged this skill as clean.

View on VirusTotal