Card Credits
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
If this optional path is used, the card query may be sent to Brave Search through an API request.
The skill documents an optional raw API call through curl. It is limited to search, disclosed, and aligned with the skill's purpose, but users should notice that it depends on an external API path.
If `BRAVE_API_KEY` is available and the runtime also provides `curl`, you may use Brave Search API instead
Use the default WebSearch/WebFetch path unless you intentionally want to configure Brave Search; ensure any curl/API use stays limited to the documented search template.
Providing this key would allow the skill's search request to authenticate to Brave Search under that API credential.
The skill can use an optional API key for Brave Search. This is a credential, but it is disclosed and only tied to the search function.
optionalEnv:
- BRAVE_API_KEYOnly provide a Brave API key if you are comfortable using Brave Search for these lookups, and use a key scoped only to search if possible.