ClawHub

Exa Tool

Security checks across malware telemetry and agentic risk

Overview

This appears to be a straightforward Exa search integration, but users should understand that searches and crawl targets are sent to Exa and that the package metadata appears incomplete.

Install this only if you want OpenClaw agents to use Exa and are comfortable sharing search terms, crawl URLs, company/person names, and research prompts with Exa under your account. Keep the EXA_API_KEY out of prompts and logs, avoid using this with secrets or private internal URLs, and verify the missing or mismatched command files before relying on the advertised exa-search command.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Rogue AgentSelf-Modification, Session Persistence
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Missing User Warnings

Medium
Confidence
92% confidence
Finding
The README advertises crawling, company research, people search, and deep research features but does not clearly disclose that prompts, search queries, URLs, and possibly retrieved target data are sent to the external Exa service. This can mislead operators and downstream agents into transmitting sensitive internal queries or proprietary URLs to a third party without informed consent, increasing privacy, compliance, and data-handling risk.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The skill routes user queries and potentially crawled URLs/content to Exa's external MCP service, but it does not clearly warn users that their prompts and retrieved web content leave the local environment. This creates a real privacy and data-handling risk because users may unknowingly send sensitive internal queries, URLs, or research targets to a third party.

Session Persistence

Medium
Category
Rogue Agent
Content
export EXA_API_KEY="your_exa_api_key_here"
   ```

   Or create a `.env` file in your workspace:
   ```bash
   echo "EXA_API_KEY=your_exa_api_key_here" > ~/.openclaw/workspace/.env
   source ~/.openclaw/workspace/.env
Confidence
85% confidence
Finding
create a `.env` file in your workspace: ```bash echo "EXA_API_KEY=your_exa_api_key_here" > ~/.openclaw/workspace/.env source ~/.openclaw

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal