exa
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local bash scripts (scripts/search.sh, scripts/code.sh, scripts/content.sh) to perform search and extraction operations.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by processing external web data.
- Ingestion points: Untrusted content is retrieved from the web via neural search queries and full-text extraction tools.
- Boundary markers: No delimiters or safety instructions are specified to prevent the agent from interpreting instructions found in the search results.
- Capability inventory: The skill facilitates shell command execution and network operations to fetch remote data from the Exa API.
- Sanitization: No sanitization or filtering of the retrieved web content is described in the skill documentation.
Audit Metadata