exa-core-workflow-b

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE | PROMPT_INJECTION | NO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill is designed to process data from the Exa API. This creates an indirect prompt injection surface as external content could contain malicious instructions meant to exploit the agent's capabilities.
      • Ingestion points: Workflow results from the Exa API (referenced in Step 3 and Output section).
      • Boundary markers: None identified in the documentation to isolate untrusted API data.
      • Capability inventory: The skill is granted access to high-privilege tools including Bash, Write, and Edit.
      • Sanitization: No sanitization or validation logic is defined for the incoming API data.
  • [NO_CODE]: The skill file is a template containing only comments and headers without actual code implementation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 01:53 AM