exa-search
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
- [SAFE]: The skill's implementation is transparent and adheres to its stated purpose. No obfuscation, data exfiltration, or persistence mechanisms were detected. All external communications target established domains for a well-known technology service.- [EXTERNAL_DOWNLOADS]: The scripts fetch data and content from the official Exa AI API (api.exa.ai). This is a well-known service, and the use of its API is the intended primary purpose of the skill.- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by ingesting untrusted web content (text, summaries, highlights) into the agent's context.
- Ingestion points: 'exa_search.py', 'exa_contents.py', and 'exa_research.py' retrieve arbitrary text from the web.
- Boundary markers: The scripts do not use explicit delimiters or 'ignore' instructions for the retrieved content.
- Capability inventory: The skill has no capabilities for file writing, shell command execution, or other high-privilege operations.
- Sanitization: No specific sanitization of retrieved web content is performed. This is a characteristic of search/retrieval tools and represents a low-risk surface in this context.
Audit Metadata