skills/jeremylongshore/claude-code-plugins-plus-skills/exa-reference-architecture/Gen Agent Trust Hub
exa-reference-architecture
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a Retrieval-Augmented Generation (RAG) pattern that is inherently susceptible to indirect prompt injection.
- Ingestion points: Untrusted data from external web sources is ingested via the `exa.searchAndContents` tool and processed in the `ragSearch` function in `SKILL.md`.
- Boundary markers: The implementation uses basic delimiters (`---`) and source headers (`[Source X]`), which provide minimal protection against instructions embedded within the retrieved content.
- Capability inventory: No dangerous operations (such as filesystem writes or subprocess execution) are present in the provided script examples.
- Sanitization: There is no evidence of sanitization, filtering, or validation of the external content before it is interpolated into the prompt context.
Audit Metadata