web-search-exa
Pass
Audited by Gen Agent Trust Hub on Jul 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONCREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [CREDENTIALS_UNSAFE]: The skill provides instructions for the agent to read the
api_keyandapi_basefrom~/.gooseworks/credentials.json. While this file is a sensitive credential store, the access is required for the skill to authenticate with its own backing service. - [COMMAND_EXECUTION]: The skill utilizes
python3 -cto extract configuration values andcurlto interact with the Exa API. These are standard operations for tool initialization and execution within the agent's environment. - [EXTERNAL_DOWNLOADS]: The skill fetches external web data, search results, and page summaries from
exa.aiandgooseworks.aito fulfill user requests. These network operations are consistent with the skill's purpose as a search tool. - [PROMPT_INJECTION]: The skill processes untrusted content from the web, creating an indirect prompt injection surface.
- Ingestion points: External search results, extracted page contents, and synthesized summaries.
- Boundary markers: No explicit boundary markers or "ignore embedded instructions" warnings are provided in the prompts.
- Capability inventory: The skill allows shell command execution via
curland environment variable manipulation viaexport. - Sanitization: No evidence of content sanitization or filtering of external data before it enters the agent's context.
Audit Metadata