Back to skill

Security audit

Exa

Security checks across malware telemetry and agentic risk

Overview

This is a straightforward Exa API search wrapper, with ordinary third-party API privacy considerations but no hidden or destructive behavior found.

Install only if you are comfortable sending searches, filters, locations, and content-extraction URLs to Exa. Use a dedicated Exa API key, protect the credential file, and avoid submitting secrets, private internal URLs, confidential research targets, or personal data unless that sharing is acceptable.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • MCP Least PrivilegeUnderdeclared Capability, Wildcard Permission, Missing Permission Declaration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (3)

Lp3

Medium
Category
MCP Least Privilege
Confidence
89% confidence
Finding
The skill advertises and documents shell execution via `bash scripts/search.sh` and `bash scripts/content.sh`, but it does not declare any permissions despite requiring command-line tools (`curl`, `jq`) and shell capability. This creates a trust and sandboxing gap: an agent or platform may treat the skill as lower risk than it actually is, while the scripts can make network requests and process user-controlled input.

Missing User Warnings

Medium
Confidence
91% confidence
Finding
The script sends the user's search query and location-derived context to a third-party API, but it provides no runtime disclosure, consent prompt, or privacy notice before transmission. In a skill context, users may assume local processing, so silent external transmission can expose sensitive search terms, investigative topics, or personal context without informed consent.

Natural-Language Policy Violations

Medium
Confidence
87% confidence
Finding
The script silently defaults the user location to NL, which injects geographic context into every search even when the user did not request it. This can produce misleading results, leak inferred location preferences to the provider, and reduce user control over what contextual data is transmitted.

VirusTotal

66/66 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.