Back to skill

Security audit

Exa Web Search (Free)

Security checks across malware telemetry and agentic risk

Overview

This is a normal Exa web-search connector, with the main caveat that searches and optional research inputs go to Exa's external service.

Install only if you are comfortable sending search terms and research inputs to Exa. Avoid submitting secrets, private code, internal-only URLs, confidential business information, credentials, regulated data, or sensitive personal information, and use people-search and crawling features only where you have a legitimate and policy-compliant reason.

SkillSpector

By NVIDIA
Vulnerability Patterns
  • Data ExfiltrationExternal Transmission, Env Variable Harvesting, File System Enumeration
  • Prompt InjectionInstruction Override, Hidden Instructions, Exfiltration Commands
  • Privilege EscalationExcessive Permissions, Sudo/Root Execution, Credential Access
  • Supply ChainUnpinned Dependencies, External Script Fetching, Obfuscated Code
  • Excessive AgencyUnrestricted Tool Access, Autonomous Decision Making, Scope Creep
Findings (2)

Missing User Warnings

Medium
Confidence
95% confidence
Finding
The skill explicitly instructs users to connect to and query a remote Exa MCP endpoint, but it does not warn that user prompts, search terms, and possibly sensitive business or code-related queries will be transmitted to a third-party service. This creates a real privacy and data-handling risk because users may unknowingly send confidential information outside their local environment.

Missing User Warnings

Medium
Confidence
94% confidence
Finding
The examples encourage use of web search, crawling, people search, and deep research features that necessarily send user-supplied queries, company names, person names, or URLs to an external service, but they provide no disclosure or warning about that data flow. In a skill focused on search and research, users may paste sensitive internal topics, targets, URLs, or personal data into these commands, creating privacy, confidentiality, and compliance risks through unintended third-party disclosure.

VirusTotal

63/63 vendors flagged this skill as clean.

View on VirusTotal

Static analysis

No suspicious patterns detected.