Taizi Brave Search
Pass. Audited by ClawScan on May 1, 2026.
Overview
This appears to be a coherent web-search and page-extraction skill, with minor documentation/provenance mismatches and normal risks from sending queries to the web and returning untrusted page text.
This skill looks suitable for web search and page extraction, but verify the publisher/source if that matters, confirm whether an API key is really needed, avoid sensitive search terms, and treat extracted web content as untrusted reference text.
Findings (4)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
A malicious or misleading webpage could try to steer the assistant if its contents are treated as instructions.
When the --content option is used, fetched webpage text is returned for the agent to read. Webpages are untrusted and may contain prompt-injection text.
console.log(`Content:\n${r.content}`);
Treat search results and extracted page content as quoted reference material; verify important claims before acting on them.
Private or sensitive search terms could be disclosed to Brave or to websites fetched for content extraction.
Search queries are sent to Brave's web endpoint, and content mode also fetches result pages. This is expected for a web search skill but is an external data flow.
const url = `https://search.brave.com/search?q=${encodeURIComponent(query)}`;
Do not include secrets, credentials, or sensitive private details in search queries or URLs unless you intend to send them externally.
A user might configure an API key that the current code does not appear to need or use.
The instructions ask for a Brave API credential, while the provided registry metadata declares no required env vars and the scripts do not show use of process.env. This looks like a documentation/metadata inconsistency rather than credential misuse.
Needs env: `BRAVE_API_KEY`.
Confirm whether a Brave API key is actually required before setting one, and scope or rotate any key you choose to configure.
It may be harder to confirm who published or maintains this copy of the skill.
The embedded metadata identity differs from the evaluated registry name/slug/version, and the registry source/homepage are unknown. The included source is coherent, but provenance should be checked.
"owner": "steipete", "slug": "brave-search", "latest": { "version": "1.0.1"
Verify the publisher/source if provenance matters, and install from the expected skill directory using the included lockfile.
