context safety score
A score of 63/100 indicates minor risk signals were detected. The entity may be legitimate but has characteristics that warrant attention.
phishing
1 deceptive links where visible host does not match destination host
social engineering
Page actively blocks right-click context menu (contextmenu event preventDefault), F12, Ctrl+Shift+I, Ctrl+Shift+J, and Ctrl+U keyboard shortcuts to prevent users from inspecting page source or developer tools. This is a common tactic used on credential-harvesting and phishing pages to hinder analysis and user awareness. (location: page.html:524-538 (second script block))
malicious redirect
JavaScript redirects non-Chrome browsers to '/Miscellaneous/NotChrome' via window.location assignment. While possibly a browser-compatibility measure, it represents a JS redirect pattern (flagged by Tier 2 scan) that forces users to a specific path based on user-agent fingerprinting, which could be used to serve different content to different clients. (location: page.html:520)
credential harvesting
Tier 2 scan detected 5 credential forms on the domain. The landing page includes Sign Up and Sign In links to /User/Welcome and /User/Index respectively, as well as Forgot Password and Resend Account-Activation Email flows. While this matches a legitimate government portal pattern, the combination of 5 credential forms with developer-tools blocking and browser fingerprinting warrants flagging for manual review. (location: page.html:253-284, metadata.json (credential_form_count: 5))
hidden content
A maintenance notice div ('Constructor Operator Portal is temporarily unavailable due to maintenance. System will be available after 10 PM, 13 May 2020 approximately.') is present in the HTML with display:none style. The date references 2020, suggesting stale hidden content that is never shown to users but remains embedded in the page. Tier 2 also flagged 1 suspicious base64 blob not visible in the rendered HTML. (location: page.html:202-209)
curl https://api.brin.sh/domain/coportal.pec.org.pkCommon questions teams ask before deciding whether to use this domain in agent workflows.
coportal.pec.org.pk currently scores 63/100 with a caution verdict and medium confidence. The goal is to protect agents from high-risk context before they act on it. Treat this as a decision signal: higher scores suggest lower observed risk, while lower scores mean you should add review or block this domain.
Use the score as a policy threshold: 80–100 is safe, 50–79 is caution, 20–49 is suspicious, and 0–19 is dangerous. Teams often auto-allow safe, require human review for caution/suspicious, and block dangerous.
brin evaluates four dimensions: identity (source trust), behavior (runtime patterns), content (malicious instructions), and graph (relationship risk). Analysis runs in tiers: static signals, deterministic pattern checks, then AI semantic analysis when needed.
Identity checks source trust, behavior checks unusual runtime patterns, content checks for malicious instructions, and graph checks risky relationships to other entities. Looking at sub-scores helps you understand why an entity passed or failed.
brin performs risk assessments on external context before it reaches an AI agent. It scores that context for threats like prompt injection, hijacking, credential harvesting, and supply chain attacks, so teams can decide whether to block, review, or proceed safely.
No. A safe verdict means no significant risk signals were detected in this scan. It is not a formal guarantee; assessments are automated and point-in-time, so combine scores with your own controls and periodic re-checks.
Re-check before high-impact actions such as installs, upgrades, connecting MCP servers, executing remote code, or granting secrets. Use the API in CI or runtime gates so decisions are based on the latest scan.
Learn more in threat detection docs, how scoring works, and the API overview.
Assessments are automated and may contain errors. Findings are risk indicators, not confirmed threats. This is a point-in-time assessment; security posture can change.
integrate brin in minutes — one GET request is all it takes. query the api, browse the registry, or download the full dataset.