Brave Web Search
Searches the web and fetches AI-generated summarized answers using the Brave Search API. Exposes two commands: brave-search for ranked web results and brave-answer for concise AI summaries.
Instructions
- 1. Trigger: Activate when the user wants to look something up on the web, check recent news, or get a factual answer to a question.
- Setup: No installation step is required — this skill has zero external dependencies and runs on native Node.js.
- Command selection:
- Use
brave-search for general web searches where ranked results with URLs and snippets are useful.
- Use
brave-answer for direct factual questions where a concise AI summary is more appropriate.
- 4. Execution: Invoke the script by passing the command name and parameters as separate arguments, never by interpolating user input into a shell command string. Use an argument array /
execFile-style invocation so the shell never parses user-supplied values. Example (Node-style pseudo-code):
CODEBLOCK0
Do not construct the command as a single concatenated string such as "node index.js brave-search --query " + userQuery.
- 5. Freshness: For time-sensitive queries, pass
--freshness followed by pd (past day), pw (past week), or pm (past month) as a separate argument to brave-search. - Fallback: If
brave-answer returns answer: null, present the fallback_results to the user instead. - Completion: Present the results clearly, citing titles and URLs for web search results, or the summary text for answer results.
Security & Privacy
- - Shell Injection Prevention: User queries must be passed as discrete arguments (e.g. via
execFile or an argv array), never interpolated into a shell command string. Concatenating user input into a shell string (e.g. shell: true with template literals) enables shell injection and is strictly forbidden. - Instruction Scope: This skill only sends query strings to the Brave Search and Brave Summarizer APIs.
- Environment: It uses the
BRAVE_SEARCH_API_KEY and BRAVE_ANSWERS_API_KEY provided by the OpenClaw environment. - Data Access: It does not read local files or .env files. All configuration is handled by the agent.
Brave Web 搜索
使用 Brave 搜索 API 搜索网络并获取 AI 生成的摘要答案。提供两个命令:brave-search 用于获取排序后的网页结果,brave-answer 用于获取简洁的 AI 摘要。
使用说明
- 1. 触发条件:当用户想要在网上查找信息、查看最新新闻或获取某个问题的事实性答案时激活。
- 设置:无需安装步骤——此技能零外部依赖,运行在原生 Node.js 上。
- 命令选择:
- 对于需要获取带有 URL 和摘要的排序结果的通用网页搜索,使用 brave-search。
- 对于更适合获取简洁 AI 摘要的直接事实性问题,使用 brave-answer。
- 4. 执行方式:通过将命令名称和参数作为独立参数传递来调用脚本,切勿将用户输入插入到 shell 命令字符串中。使用参数数组/execFile 风格的调用方式,确保 shell 永远不会解析用户提供的值。示例(Node 风格伪代码):
javascript
execFile(node, [index.js, brave-search, --query, userQuery, --count, 10])
不要将命令构造为单个拼接字符串,例如 node index.js brave-search --query + userQuery。
- 5. 时效性:对于时间敏感的查询,向 brave-search 传递 --freshness 参数,后跟 pd(过去一天)、pw(过去一周)或 pm(过去一个月)作为独立参数。
- 回退机制:如果 brave-answer 返回 answer: null,则向用户展示 fallback_results。
- 结果呈现:清晰展示结果,对于网页搜索结果注明标题和 URL,对于答案结果注明摘要文本。
安全与隐私
- - Shell 注入防护:用户查询必须作为离散参数传递(例如通过 execFile 或 argv 数组),绝不能插入到 shell 命令字符串中。将用户输入拼接到 shell 字符串中(例如使用模板字面量的 shell: true)会导致 shell 注入风险,严格禁止。
- 指令范围:此技能仅向 Brave 搜索和 Brave 摘要器 API 发送查询字符串。
- 运行环境:使用 OpenClaw 环境提供的 BRAVESEARCHAPIKEY 和 BRAVEANSWERSAPIKEY。
- 数据访问:不读取本地文件或 .env 文件。所有配置由代理处理。
