Code Docs Search by Exa
AdvisoryAudited by Static analysis on Apr 30, 2026.
Overview
No suspicious patterns detected.
Findings (0)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Search queries, including any private code names or details the user includes, may be transmitted to Exa's MCP service.
The skill relies on an external MCP service. This is disclosed and central to the skill's purpose, but it means user queries are sent outside the local environment.
Connect MCP server: `https://mcp.exa.ai/mcp`
Avoid putting secrets, private source code, credentials, or sensitive business details into search queries unless sharing them with the external provider is acceptable.
The agent may rely on third-party code examples or documentation that should not be treated as automatically safe or correct.
The skill intentionally brings external code and documentation into the agent's context. This is purpose-aligned, but externally sourced snippets can be incomplete, outdated, or misleading.
Finds real code snippets and docs from GitHub, docs sites, and Stack Overflow.
Review returned code before using it, verify versions, and avoid blindly applying snippets to production or security-sensitive projects.