exa-search
Warn
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to perform an installation from an untrusted third-party GitHub repository (BenedictKing/exa-search). This involves downloading and executing scripts from an unverified source that has not been audited for security.
- [PROMPT_INJECTION]: The skill's primary purpose is semantic search and content discovery using the Exa API, which creates an attack surface for indirect prompt injection. Malicious instructions embedded within search results or research papers could influence the agent's behavior.
- Ingestion points: External web content and research papers retrieved via the Exa API.
- Boundary markers: No delimiters or specific safety instructions are provided to the agent for handling untrusted data.
- Capability inventory: The skill facilitates network requests to external search services and subsequent data ingestion.
- Sanitization: No evidence of input validation or content filtering is present in the skill metadata.
Audit Metadata