exa-people-research

Pass

Audited by Gen Agent Trust Hub on Jun 22, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted external data retrieved from web searches.
  • Ingestion points: Data enters the agent context through the exa-search__web_search_advanced_exa tool results and the browser tool output (SKILL.md).
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are present in the guidelines for handling search results.
  • Capability inventory: The skill utilizes a search tool and suggests the use of a browser tool with active sessions for accessing auth-gated profiles.
  • Sanitization: The instructions do not specify any validation, filtering, or sanitization of the content retrieved from external websites.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 22, 2026, 04:54 AM
Security Audit — agent-trust-hub — exa-people-research