mcp-exa-search
Fail
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: HIGH
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION]: The installation instructions include a command to pipe a remote shell script from the author's GitHub repository directly to the system shell (curl -fsSL ... | sh). While this is a resource provided by the author to support the skill's functionality, this method of installation bypasses standard package manager safety checks.
- [COMMAND_EXECUTION]: The skill uses the mh command-line utility to interact with the Exa AI service and perform its intended tasks.
- [PROMPT_INJECTION]: The skill processes external web content, which presents a surface for indirect prompt injection.
  1. Ingestion points: Results from webSearchExa and getCodeContextExa (SKILL.md).
  2. Boundary markers: None identified in the provided instructions.
  3. Capability inventory: Local command execution via the mh CLI.
  4. Sanitization: No specific sanitization or filtering of search results is mentioned.
Recommendations
- HIGH: Downloads and executes remote code from: https://raw.githubusercontent.com/vaayne/mcphub/main/scripts/install.sh - DO NOT USE without thorough review
Audit Metadata