exa-search
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security vulnerabilities were detected within the skill documentation.
- [EXTERNAL_DOWNLOADS]: The skill is designed to be installed from an external GitHub repository (BenedictKing/exa-search) using the 'npx skills add' command.
- [DATA_EXFILTRATION]: The skill documentation refers to the use of an Exa API key but correctly recommends the use of environment variables for secure configuration.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection due to its primary function of retrieving external web content.
- Ingestion points: Semantic search results from the Exa API.
- Boundary markers: No specific delimiters or safety instructions are defined in the metadata for handling retrieved data.
- Capability inventory: Performs semantic search and similar content discovery within the agent conversation.
- Sanitization: No sanitization methods are mentioned for the external data being ingested.
Audit Metadata