exa-policy-guardrails
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a utility designed to enhance the security posture of projects using Exa. It implements patterns to prevent hardcoded secrets (API keys), enforces TypeScript type safety, and provides templates for Policy-as-Code (OPA) and CI/CD checks.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection attack surface as it is designed to read and analyze external project files.
- Ingestion points: Reads source code files (TS/JS) and JSON configuration files (SKILL.md).
- Boundary markers: None; the skill does not define specific delimiters to separate code-under-analysis from agent instructions.
- Capability inventory: The skill has permissions for Read, Write, Edit, and Bash(npx:*), which could be exploited if an attacker-controlled file contains instructions the agent obeys.
- Sanitization: There is no explicit sanitization or filtering mechanism for the content of files ingested during linting or policy checks.
Audit Metadata