exa-agent

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes data from external web searches and premium providers. This creates an inherent surface for indirect prompt injection where instructions embedded in retrieved web content could influence the agent's behavior.\n
  • Ingestion points: Research results retrieved from agent_get_run_output in SKILL.md.\n
  • Boundary markers: None specified in the instructions for handling external data.\n
  • Capability inventory: agent_create_run, agent_wait_for_run, agent_get_run_output, agent_cancel_run (SKILL.md).\n
  • Sanitization: Not specified in the skill.\n- [COMMAND_EXECUTION]: The 'Batch Script Mode' instructions direct the agent to generate and execute local scripts (e.g., Python or JavaScript) for efficient high-volume data processing. This dynamic code generation is presented as a deterministic optimization for tool usage.\n- [EXTERNAL_DOWNLOADS]: The skill facilitates access to data from several external providers, including SimilarWeb, Fiber AI, and Financial Datasets. These network-based data operations are essential for the primary research purpose and target established technology services.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 07:23 AM
Security Audit — agent-trust-hub — exa-agent