exa

SUSPICIOUS: The skill’s purpose is coherent, but its implementation relies on a third-party personal `api2cli` tool to generate and handle the Exa CLI and credentials. Official Bun installation only partly mitigates risk; the unpinned third-party CLI generation and credential forwarding make the overall security posture medium-high risk.