Exa Researcher

Security checks across malware telemetry and agentic risk

Overview

This is an instruction-only research skill whose web, company, people, code, crawling, and deep-research capabilities are disclosed and aligned with its purpose.

Install only if you want an agent to use Exa MCP for external research. Avoid confidential query text unless you trust the provider, scope crawling and deep-research jobs clearly, use people search only for legitimate privacy-respecting purposes, and confirm before saving sensitive findings to memory.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Trigger Abuse: Overly Broad Trigger, Shadow Command Trigger, Keyword Baiting Trigger
  • Prompt Injection: Instruction Override, Hidden Instructions, Exfiltration Commands
  • Data Exfiltration: External Transmission, Env Variable Harvesting, File System Enumeration
  • Privilege Escalation: Excessive Permissions, Sudo/Root Execution, Credential Access
  • Supply Chain: Unpinned Dependencies, External Script Fetching, Obfuscated Code
Findings (2)

Vague Triggers

Medium
Confidence: 94%
Finding
The skill description uses very broad trigger language such as 'use when you need to conduct web research' and 'any knowledge-intensive research needs,' which can cause the agent to invoke this skill for a wide range of ordinary prompts. Overbroad activation increases unintended tool use and can expose users to unnecessary web, people, or crawling operations without clear scoping or consent.

Missing User Warnings

Medium
Confidence: 96%
Finding
The skill advertises people-search functionality for 'background research' and 'finding experts' without any privacy, consent, or lawful-use warning. In this context, that omission is dangerous because it normalizes collection of personal information and may lead the agent to assist with profiling, doxxing, or other privacy-invasive requests without additional checks.

VirusTotal

64/64 vendors flagged this skill as clean.
