ClawHub

Exa

Security checks across malware telemetry and agentic risk

Overview

This skill is a straightforward Exa search wrapper that sends searches and URLs to Exa using a user-provided API key.

Install only if you are comfortable using Exa as a third-party service. Use a dedicated Exa API key, protect the credential file, and avoid submitting secrets, private internal URLs, confidential research targets, or personal data in queries or content-extraction requests.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (4)

Lp3

Medium
Category
MCP Least Privilege
Confidence
93% confidence
Finding
The skill invokes shell scripts (`bash scripts/search.sh`, `bash scripts/content.sh`) and declares required binaries, but does not declare corresponding permissions. This creates a transparency and policy gap: users and the platform may underestimate the skill's execution capabilities, increasing the chance of unsafe use or abuse through shell-based actions.

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill sends user-supplied search queries and URLs to Exa, an external service, but the documentation does not warn users that their inputs and requested content will leave the local environment. This can lead to unintended disclosure of sensitive prompts, internal URLs, or confidential research targets.

Missing User Warnings

Medium
Confidence
82% confidence
Finding
The script sends user-supplied URLs to a third-party API for remote content extraction but provides no explicit disclosure at runtime that those URLs, and potentially the fetched page content derived from them, are being transmitted off-box. This can cause unintentional sharing of sensitive internal or private links when users assume the tool operates locally.

Natural-Language Policy Violations

Medium
Confidence
92% confidence
Finding
The script silently sets LOCATION=NL by default and always includes it in the outbound request, which can bias search results and misrepresent the user's locale without consent. In a search skill, implicit geolocation affects content ranking and could create privacy, compliance, or integrity issues if users assume neutral or local results.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal