exa-enterprise-rbac
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from the Exa search API, creating a surface for indirect prompt injection if web content returned by the API contains malicious instructions.
- Ingestion points: Search results from api.exa.ai/search (SKILL.md).
- Boundary markers: Absent in implementation examples.
- Capability inventory: Write and Edit tools are permitted in the skill configuration.
- Sanitization: No explicit validation or filtering of API response content is provided in the examples.
- [COMMAND_EXECUTION]: Provides examples using curl and jq to interact with the Exa API. These commands follow security best practices by utilizing environment variables ($EXA_ADMIN_KEY, $EXA_API_KEY) for authentication rather than hardcoded secrets. The use of the official api.exa.ai domain is consistent with the skill's stated purpose for enterprise RBAC management.
Audit Metadata