exa-company-research

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it is designed to ingest and process unstructured data from external web sources via the Exa search tool and a browser fallback.
  • Ingestion points: External content fetched via exa-search__web_search_advanced_exa and the browser tool.
  • Boundary markers: The instructions do not define specific delimiters or instructions to ignore potential commands embedded within search results.
  • Capability inventory: The skill can invoke search tools and delegate tasks to subagents via llm_task.
  • Sanitization: No explicit sanitization or content validation steps are implemented for the fetched data.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — exa-company-research