exa
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The shell scripts utilize `curl` and `jq` to interact with the Exa AI API. All user-supplied inputs are safely interpolated into JSON payloads using `jq`'s argument handling, which prevents shell injection vulnerabilities.
- [DATA_EXFILTRATION]: Outbound network activity is limited to the official `api.exa.ai` endpoint. The skill does not access local sensitive files, system configurations, or private credentials; it only transmits the search queries and URLs provided as tool arguments.
- [PROMPT_INJECTION]: Because the skill retrieves text and summaries from external websites, it possesses an inherent attack surface for indirect prompt injection. Malicious instructions embedded in searched web pages could potentially be processed by the agent. This risk is common to all web-retrieval tools and is managed by the agent's internal safety guardrails.
Audit Metadata