Back to skill

Security audit

Brave Api Setup

Security checks across malware telemetry and agentic risk

Overview

This skill appears purpose-built for Brave API setup, but it should be reviewed because it can reveal and store a live API key without an explicit confirmation checkpoint.

Install only if you intentionally want an agent to access your Brave API dashboard and write the API key into OpenClaw settings. Invoke it only for explicit Brave API setup or missing-key repair, confirm the target config file first, and avoid exposing the full key in chat, logs, shell history, or process listings.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Trigger AbuseOverly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence
88% confidence
Finding
The trigger phrases include broad terms such as 'web_search', 'search API', and 'Brave Search', which can cause the skill to activate for generic search-related requests rather than only explicit Brave API configuration tasks. Overbroad activation increases the chance that a credential-handling skill runs in the wrong context, potentially prompting unnecessary navigation to sensitive pages or config changes.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill instructs the agent to reveal and extract a live API key from the Brave dashboard and write it into local configuration, but it provides no explicit warning, confirmation step, or safe-handling guidance for credentials and config modification. Because API keys are sensitive secrets, silent extraction and persistence materially raise the risk of credential exposure, accidental logging, or unintended system changes.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.