Taizi Brave Search

Security checks across malware telemetry and agentic risk

Overview

This skill does what it advertises: it searches the public web through Brave and can fetch readable page content, with normal privacy cautions for web search.

Install only if you are comfortable sending search terms to Brave and requested URLs to third-party sites. Avoid sensitive queries, secrets, internal URLs, and private documents, and treat extracted webpage text as untrusted content. The BRAVE_API_KEY setup note appears stale because the reviewed code does not use that variable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Vague Triggers

Medium
Confidence: 82%
Finding
The description is broad enough that an agent may invoke this skill for many generic information-seeking requests without clear boundaries. That increases the chance of unnecessary external requests, unintended disclosure of sensitive prompts or identifiers in search queries, and overuse of a network-capable skill when a local answer would suffice.

Vague Triggers

Medium
Confidence: 84%
Finding
The guidance 'Any task requiring web search without interactive browsing' is an overly broad trigger that can cause the skill to activate in situations with unclear data-sensitivity or trust requirements. This is dangerous because it encourages routine externalization of user requests and retrieval of arbitrary web content without constraints on source trust, data handling, or necessity.

Missing User Warnings

Medium
Confidence: 93%
Finding
The documentation does not warn that search queries and supplied URLs are sent to external services and that arbitrary page content may be fetched from third-party sites. This is dangerous because users or higher-level agents may unknowingly expose sensitive terms, internal URLs, or proprietary context to Brave or destination websites during normal use.

Missing User Warnings

Medium
Confidence: 91%
Finding
The skill sends the user's query to Brave Search and, with --content, fetches third-party pages directly, which discloses user-provided data and browsing targets to external services. In a search skill this behavior is expected, but the absence of explicit disclosure, consent, or domain restrictions means sensitive prompts could be transmitted off-platform without the user realizing it.

VirusTotal

62/62 vendors flagged this skill as clean.
