exa-search
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes Python scripts via 'uv run' to perform searches and extractions. It uses standard argument parsing (argparse) for input handling to prevent injection.
- [EXTERNAL_DOWNLOADS]: The skill fetches content from the web using the Exa API and the 'exa-py' SDK. It targets well-known scientific domains like arXiv, Nature, and PubMed for research tasks.
- [DATA_EXFILTRATION]: No evidence of sensitive data exfiltration. The skill uses an environment variable for the API key and includes a tracking header 'x-exa-integration' for integration attribution, which is a standard practice.
- [INDIRECT_PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it processes untrusted web content.
  1. Ingestion points: Web content retrieved by scripts/exa_search.py and scripts/exa_extract.py via the Exa API.
  2. Boundary markers: Absent; the agent is instructed to parse and synthesize results directly.
  3. Capability inventory: The agent has capabilities to write results to the filesystem and perform network requests via the Exa API.
  4. Sanitization: The skill relies on standard CLI argument parsing and does not perform content-level sanitization of retrieved text before synthesis.