exa-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [SAFE] (SAFE): No malicious behavior, obfuscation, or safety bypass attempts were detected. The skill content is purely instructional.\n- [NO_CODE] (SAFE): The skill consists of a single markdown file with no scripts, binaries, or configuration files that would trigger command execution or package installation.\n- [Indirect Prompt Injection] (SAFE): The skill documents the use of search tools which ingest untrusted web data. (1) Ingestion points: Results from mcp__exa__web_search_exa and WebFetch. (2) Boundary markers: The skill does not explicitly instruct the agent to use delimiters for external data. (3) Capability inventory: Web search and content synthesis. (4) Sanitization: The skill is documentation-only and does not provide sanitization logic. The risk is considered inherent to the primary function of search and is handled by the agent's core safety protocols.
Audit Metadata