exa-contents
Pass
Audited by Gen Agent Trust Hub on Jul 3, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes several
curlcommand examples used to interact with the Exa API athttps://api.exa.ai/contents. These commands are used for the legitimate purpose of extracting web content (text, highlights, summaries) and do not involve suspicious redirection, piping to shell, or unexpected privilege escalation. - [SAFE]: Authentication is handled via the
x-api-keyheader using an environment variable ($EXA_API_KEY), which prevents credential exposure in the skill files. The URLs and endpoints referenced are consistent with the official infrastructure of the skill author (exa-labs).
Audit Metadata