Brave Api Search
Audited by ClawScan on May 10, 2026.
Overview
The Brave search integration mostly matches its stated purpose, but its tool commands interpolate user-controlled text into shell-like command strings without visible escaping, and its credential/runtime metadata is incomplete.
Install only if you are comfortable sending search/answer queries to Brave and using your Brave API quota. Prefer a version that fixes the command-template escaping issue or verify that your ClawHub runtime safely escapes placeholders before execution. Store API keys in a local .env file, do not commit them, and verify the package/version metadata before trusting it.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Finding 1: Shell-like command template with unescaped user input
Impact: If the runtime executes the command through a shell, a maliciously crafted query or parameter could run unintended local commands with the agent user's permissions.
Detail: User-controlled fields are interpolated into a shell-like command template. The artifacts do not show escaping or an argv-style invocation, and brave_spellcheck also lacks an args schema.
Evidence: node {{workspace}}/brave_search.js --query "{{query}}" --count {{count|10}} --country {{country|us}}
Recommendation: Use a safe argv/execFile-style tool definition or guaranteed placeholder escaping, quote/validate every user-controlled field, and add an explicit args schema for brave_spellcheck.
Finding 2: Required credentials missing from registry metadata
Impact: The installer or registry view may not clearly warn users that Brave API keys are needed and may be used for billable requests.
Detail: The skill requires provider credentials, while the registry metadata says required env vars and primary credential are none.
Evidence: "requiredEnv": [ "BRAVE_SEARCH_API_KEY", "BRAVE_ANSWERS_API_KEY" ]
Recommendation: Declare the required environment variables and primary credential in registry metadata, and use Brave keys with the minimum necessary plan/scope.
Finding 3: Query contents are sent to Brave's API
Impact: Anything placed in a search or answer query is shared with Brave and may use the user's API quota.
Detail: User questions are sent to Brave's API together with the configured subscription token, which is expected for this integration.
Evidence: messages: [{ role: 'user', content: query }], ... 'X-Subscription-Token': apiKey
Recommendation: Avoid putting secrets or sensitive private data in queries, and review Brave's data handling terms before use.
Finding 4: Inconsistent version metadata
Impact: Users may have less certainty that the reviewed files correspond exactly to the published registry version.
Detail: The version value shown in the evidence (3.0.2) conflicts with the registry, SKILL.md, and skill.json version 4.2.0, indicating packaging/provenance inconsistency even though no hidden remote installer is shown.
Evidence: "version": "3.0.2"
Recommendation: Publish consistent metadata across _meta.json, SKILL.md, skill.json, and registry records.
