exa-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill utilizes the exa-ai CLI and jq for data processing. It includes comprehensive best practices for shell reliability, such as recommending sequential command execution and explicitly warning against fragile patterns like nested command substitutions.
- PROMPT_INJECTION (SAFE): Although the skill handles untrusted data from web search results, it promotes the use of structured JSON schemas for extraction. This approach is more resilient to indirect prompt injection compared to processing raw text content.
- DATA_EXFILTRATION (SAFE): Analysis of the command patterns and documentation confirmed that no unauthorized network requests or sensitive file access operations (such as reading credentials or SSH keys) are performed.
Audit Metadata