exa-search

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 1.00). The prompt explicitly instructs "If you need an API key, pass exaApiKey as a request parameter," which encourages embedding a secret value verbatim in requests/commands generated by the agent, creating a high exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The SKILL.md shows tools like web_search_exa and company_research_exa that call Exa's web search API (https://mcp.exa.ai/mcp) to fetch ready-to-use text (web pages, news, code/docs) from the open web which the agent is expected to read and act on, so untrusted third-party content could inject instructions.