exa-migration-deep-dive
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill uses shell commands for repository analysis (
find,grep), environment setup (cp), and infrastructure management (kubectl). These actions are consistent with the stated purpose of performing a platform migration and version upgrade. - [EXTERNAL_DOWNLOADS]: The skill installs the
@exa/sdkpackage vianpm. This is a standard dependency required for the migration process and is aligned with the skill's functionality. - [DATA_EXFILTRATION]: The skill interacts with environment configuration files (
.env.exa). While environment files contain sensitive data, the operations are limited to local setup and configuration without evidence of transmission to unauthorized external domains.
Audit Metadata