exa-search

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADS
Full Analysis
  • [SAFE]: The skill's implementation is transparent and adheres to its stated purpose. No obfuscation, data exfiltration, or persistence mechanisms were detected. All external communications target established domains for a well-known technology service.- [EXTERNAL_DOWNLOADS]: The scripts fetch data and content from the official Exa AI API (api.exa.ai). This is a well-known service, and the use of its API is the intended primary purpose of the skill.- [PROMPT_INJECTION]: The skill creates an attack surface for indirect prompt injection by ingesting untrusted web content (text, summaries, highlights) into the agent's context.
    • Ingestion points: 'exa_search.py', 'exa_contents.py', and 'exa_research.py' retrieve arbitrary text from the web.
    • Boundary markers: The scripts do not use explicit delimiters or 'ignore' instructions for the retrieved content.
    • Capability inventory: The skill has no capabilities for file writing, shell command execution, or other high-privilege operations.
    • Sanitization: No specific sanitization of retrieved web content is performed. This is a characteristic of search/retrieval tools and represents a low-risk surface in this context.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 04:39 PM
Security Audit — agent-trust-hub — exa-search