Skills
skills/openclaw/skills/exa-web-search-free/Gen Agent Trust Hub

exa-web-search-free

Pass

Audited by Gen Agent Trust Hub on Feb 12, 2026

Risk Level: LOWNO_CODEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis

================================================================================

✅ VERDICT: SAFE

This skill is considered SAFE. No direct malicious patterns, obfuscation, data exfiltration, or privilege escalation attempts were detected. The skill primarily consists of instructions for configuring and using the mcporter tool to interact with the Exa API. The external dependencies (Exa API endpoints, GitHub/npm links) are legitimate and directly related to the skill's stated purpose.

Total Findings: 2

🔵 LOW Findings: • Unverifiable Dependency (Trusted Source)

  • SKILL.md Line 15: mcporter config add exa https://mcp.exa.ai/mcp
  • The skill instructs the user to configure mcporter to use an external service URL (https://mcp.exa.ai/mcp). This is a legitimate and expected dependency for the skill's functionality, as exa.ai is the service provider. This is noted as a trusted external dependency. • Unverifiable Dependency (Trusted Source)
  • SKILL.md Line 48: mcporter config add exa-full "https://mcp.exa.ai/mcp?tools=..."
  • Similar to the above, this configures mcporter with another legitimate Exa service URL for advanced tools.

ℹ️ TRUSTED SOURCE References: • GitHub Repository

  • SKILL.md Line 72: https://github.com/exa-labs/exa-mcp-server
  • Reference to the Exa MCP server on GitHub, a trusted source. • npm Package
  • SKILL.md Line 73: https://www.npmjs.com/package/exa-mcp-server
  • Reference to the Exa MCP server npm package, a trusted source. • Documentation
  • SKILL.md Line 74: https://exa.ai/docs
  • Reference to Exa's official documentation, a trusted source. • GitHub Commit
  • _meta.json Line 7: https://github.com/clawdbot/skills/commit/4e65ccd09f462229d68d283c7a09b17467786bd3
  • Reference to a GitHub commit, a trusted source.

ℹ️ INFO Findings: • Indirect Prompt Injection Susceptibility

  • SKILL.md: The skill performs web searches and crawling, meaning it processes external, untrusted content (web pages, search results). This makes it inherently susceptible to indirect prompt injection if the retrieved content contains malicious instructions that could influence the LLM. This is a general risk associated with the skill's functionality, not a vulnerability in the skill's instructions themselves.

================================================================================

Audit Metadata
Risk Level
LOW
Analyzed
Feb 12, 2026, 03:25 PM