exa
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFECOMMAND_EXECUTION
Full Analysis
- [SAFE]: No malicious patterns, obfuscation, or safety bypass attempts were detected in the skill's code or instructions.\n- [EXTERNAL_DOWNLOADS]: The skill installs
exa-jsanddotenvfrom the NPM registry. These are official and well-known packages for search functionality and environment variable management.\n- [CREDENTIALS_UNSAFE]: API keys are managed safely through theEXA_API_KEYenvironment variable, avoiding the risk of hardcoded secrets.\n- [COMMAND_EXECUTION]: The script executes search queries using the official Exa SDK and does not perform any dangerous system calls or subprocess execution.
Audit Metadata