exa-search
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill serves as a configuration guide and tool definition for the Exa search service. It does not contain any executable code or malicious instructions.
- [EXTERNAL_DOWNLOADS]: The documentation references the
exa-mcp-serverpackage to be run vianpx. This is the standard method for deploying MCP servers and utilizes the official package from the service provider. - [PROMPT_INJECTION]: The skill facilitates the retrieval of web content, which inherently introduces a surface for indirect prompt injection from untrusted external data. This is a characteristic of search-based tools rather than a specific flaw in the skill's implementation.
Audit Metadata