exa
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats or malicious patterns were identified in the analyzed files.
- [EXTERNAL_DOWNLOADS]: The skill connects to the official Exa AI API (https://api.exa.ai) to perform searches and retrieve page content. These operations are consistent with the skill's stated purpose of providing neural web search.
- [COMMAND_EXECUTION]: Shell scripts use 'curl' for network requests and 'jq' for JSON processing. User-provided search queries and URLs are safely passed as arguments to 'jq', preventing shell injection and ensuring valid JSON payloads.
- [CREDENTIALS_UNSAFE]: Security best practices are followed by requiring the 'EXA_API_KEY' to be set as an environment variable rather than being hardcoded.
Audit Metadata