Exa Search (Rust)
Pass
Audited by VirusTotal on May 11, 2026.
Overview
Type: OpenClaw Skill
Name: exa-search-rust
Version: 1.0.3

The skill is generally well-engineered: the Rust code enforces input/output size limits and validates the API key. However, `SKILL.md` and `install.sh` instruct the AI agent to extract `EXA_API_KEY` from `~/.openclaw/workspace/.env` with a `grep | cut` pipeline (`EXA_API_KEY=$(grep ... | cut ...)`). Command substitution by itself only assigns the pipeline's output as plain data, but the value then sits in the agent's shell environment, and any subsequent step that splices it unquoted into a command string, passes it to `eval`, or sources the `.env` file instead of parsing it would execute shell metacharacters embedded in the value (e.g. `EXA_API_KEY="foo; rm -rf /"`). The Rust binary validates the API key as a UUID before making the API call, which contains the damage at that layer, but the agent-driven shell handling that precedes it still presents a potential command-injection path if the `.env` file is ever written by an untrusted party. This is a weakness in how the secret is handled, not evidence of malicious intent, so the skill is classified as suspicious.
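To make the distinction concrete, the following shell script is an added example, not code from the skill, its `install.sh`, or ClawScan. It reads the key from a constructed dotenv file strictly as data, checks it against the UUID shape the review says the Rust binary expects, and contrasts the unsafe pattern (value spliced into a command string handed to `sh -c`) with the hardened one (value passed as an argument). The file path, its contents, the function names and the harmless `x; echo INJECTED` payload are all assumptions made for the demonstration.

```sh
#!/bin/sh
# Added example (not code from the skill or from ClawScan): read EXA_API_KEY from a
# dotenv-style file as data, then whitelist-validate it before any use.
# Assumptions: the key is a UUID (the review says the Rust binary checks this);
# the file path, its contents and the demo payloads below are constructed.

ENV_FILE="${TMPDIR:-/tmp}/exa_demo.env"
# Constructed sample .env; the EVIL line carries shell metacharacters.
cat > "$ENV_FILE" <<'EOF'
OTHER=1
EXA_API_KEY="123e4567-e89b-12d3-a456-426614174000"
EVIL="x; echo INJECTED"
EOF

# Print the value of KEY ($2) from FILE ($1), last assignment wins, with one
# layer of matching quotes stripped. awk reads the line as text; nothing is eval'd.
read_dotenv_key() {
    awk -v k="$2" -v sq="'" '
        index($0, k "=") == 1 {
            v = substr($0, length(k) + 2)
            n = length(v)
            if (n >= 2 && substr(v, 1, 1) == substr(v, n, 1) &&
                (substr(v, 1, 1) == "\"" || substr(v, 1, 1) == sq))
                v = substr(v, 2, n - 2)
            last = v
        }
        END { if (last != "") print last }
    ' "$1"
}

# Whitelist check: 8-4-4-4-12 hex digits. Anything else is refused before the
# value can reach a command line or an HTTP header.
is_uuid() {
    printf '%s\n' "$1" | grep -Eq '^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$'
}

# The hazard the review describes: a value spliced into a command STRING is
# re-parsed by the child shell, so metacharacters in it become commands.
unsafe_interpolation() {
    sh -c "printf '%s\n' $1"
}

# Hardened form: the value travels as an ARGUMENT and stays data.
safe_argument() {
    sh -c 'printf "%s\n" "$1"' sh "$1"
}

# Usage: extract, validate, and only then let the key near anything executable.
KEY=$(read_dotenv_key "$ENV_FILE" EXA_API_KEY)
if is_uuid "$KEY"; then
    printf 'EXA_API_KEY accepted\n'
else
    printf 'refusing EXA_API_KEY: not a UUID\n' >&2
fi
```

The parser is deliberately minimal (no `export` prefix, no inline comments, no escape processing); the point is that the `.env` contents never pass through a shell parser, and that a rejected value never reaches `sh -c`, `eval`, or a network call.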
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Your Exa API key is used to make search/content requests against your Exa account, which may expose your queries/URLs to Exa and may incur provider usage costs.
The skill sends the EXA_API_KEY to Exa as the authentication header for the intended provider API.
```rust
const EXA_BASE_URL: &str = "https://api.exa.ai";
...
headers.insert("x-api-key", api_key_val);
```
Only install if you trust this Exa integration, keep ~/.openclaw/workspace/.env private, and use the least-privileged or revocable Exa key available.
Search results or fetched page text could contain instructions or links that should not override the user's request or the agent's safety rules.
The formatted output can include text fetched from external web pages, which may contain misleading content or prompt-injection-style instructions.
The `formatted` field is ready-to-use markdown — you can send it directly to the user.
Treat returned web content as untrusted evidence: summarize or quote it carefully, cite sources, and do not follow instructions embedded in fetched pages.
After installation, the documented command path may not point to the binary that was just built.
The installer places the binary under `~/.openclaw/workspace/skills/exa-search-rust`, while the SKILL.md examples reference `~/.openclaw/workspace/skills/exa-search/bin/exa-search`. That path mismatch could cause failures or the accidental execution of a different, pre-existing binary at the documented path.
INSTALL_DIR="$HOME/.openclaw/workspace/skills/exa-search-rust"
Verify and align the installed path before use, or update the SKILL.md examples/installer so they reference the same directory.
