exa-context
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Command Execution] (SAFE): The skill utilizes the exa-ai CLI and standard utilities like jq and cat for the intended purpose of fetching and processing code context. No malicious command injection or unauthorized execution patterns were found.
- [Prompt Injection] (SAFE): No instructions designed to bypass agent constraints, safety filters, or safety protocols were detected in the skill markdown or metadata.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials, sensitive file path access, or unauthorized network exfiltration patterns were identified.
- [Indirect Prompt Injection] (SAFE): The skill retrieves code context from repositories. Ingestion point: exa-ai context (SKILL.md). Boundary markers: Absent. Capability inventory: exa-ai, jq, bash (SKILL.md). Sanitization: Absent. This surface is standard for search-based skills and is managed through suggested formatting options.
Audit Metadata