exa
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- COMMAND_EXECUTION (SAFE): The skill executes a local Python script (scripts/exa_cli.py) to perform searches. This is the documented and intended behavior for this CLI tool.
- CREDENTIALS_UNSAFE (SAFE): Sensitive API keys are managed through environment variables or a .env file. No hardcoded credentials were found in the provided files.
- DATA_EXFILTRATION (SAFE): The tool communicates with the official api.exa.ai endpoint as expected. There is no evidence of unauthorized data transmission or access to sensitive files.
- PROMPT_INJECTION (SAFE): The skill processes untrusted web data via search and crawling, creating an indirect prompt injection surface. This risk is inherent to the primary function of the tool and is categorized as SAFE in the context of its intended use.
  - Ingestion points: web search results and crawled URL content.
  - Boundary markers: None specified in provided documentation.
  - Capability inventory: network requests to Exa API and file writing via --out parameter.
  - Sanitization: Not explicitly performed on retrieved content.