exa-search
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted external content, creating a vulnerability to indirect prompt injection.
  - Ingestion points: Data is ingested from the Exa API through scripts/exa_search.py and scripts/exa_contents.py which fetch content from arbitrary web URLs.
  - Boundary markers: The skill lacks explicit boundary markers or delimiters to isolate untrusted web content from the agent's instructions.
  - Capability inventory: The skill includes Python scripts capable of making network requests to the Exa API endpoints.
  - Sanitization: No evidence of sanitization or filtering of retrieved web content was found within the provided scripts.
Audit Metadata