Registry/Exa MCP Server

Exa MCP Server

v3.2.1
Verified

A Model Context Protocol server with Exa for web search and web crawling. Provides real-time web searches with configurable tool selection, allowing users to enable or disable specific search capabilities. Supports customizable result counts, live crawlin

By Exa LabsMIT
typescript
ai ml
4.7Kstars
105.6Kdownloads
354forks
Scanned Jul 13, 2026
WebsiteRepositoryGITHUB
F0%
Scanned 5d ago

Critical Issues

Vulnerabilities Found
22Crit
15High
112Med
0Low
0Info

Security ScoreF

0
out of 100

Vulnerabilities Found

22
Crit
15
High
112
Medi
0
Low
0
Info
Last scanned: 7/13/2026

Quality ScoreB

70
out of 100
62
Maint.
93
Popular
58
Docs
73
Compat
Maintenance62%
Popularity93%
Documentation58%
Compatibility73%

Maintenance62

Unknown
Commit Frequency65%
Release Frequency70%
Issue Response45%

Popularity93

4.7K
Stars
105.6K
Downloads
354
Forks
Stars Score100%
Downloads Score90%
Forks Score89%

Documentation58

README Quality70%

Available Documentation

API DocsExamplesChangelog

Compatibility73

MCP Spec Compliance80%
Transport Support50%

Features

TypeScript

Supported Transports

STDIO

Agentic MCP Risk Intelligence

MCPSafe checks risks unique to AI-connected MCP servers — prompt surfaces, model-controlled tools, credentials, filesystems, and network reachability.

6
agentic findings
Severe agentic exposure

Multiple MCP-native exploit paths were detected. Review before connecting this server to an AI client.

Prompt Injection Surface
0

Tool metadata can steer or hijack AI clients before a user invokes the tool.

AI → Command Execution
0

Model-selected tool arguments can reach shell/process execution.

Secret Exfiltration Path
2

Tool context combines credential access with outbound network capability.

Unbounded Filesystem
0

AI-controlled paths may access files outside the intended workspace.

Agent SSRF
4

AI-controlled URLs may reach local, metadata, or internal network services.

Vulnerabilities(149)

22Critical
15High
112Medium
Filter:

READMEExa MCP Server

View source

Exa MCP Server

⚠️ SECURITY ISSUE: INFORMATION DISCLOSURE ⚠️

Issue

Shared caching mechanism may return cached search results from other users' queries.

Impact

  • Search queries from other users may be visible
  • Potentially sensitive search results leaked
  • Privacy violation

Technical Details

The server uses a shared Redis cache without proper user isolation. Queries with similar patterns may return cached results from different user sessions.

Mitigation

Disable caching or use per-user cache namespaces.

Status

Issue reported, fix in development.

Embed Security Badge

Add this badge to your README or documentation

Exa MCP Server MCPSafe Security
[![Exa MCP Server MCPSafe Security](https://api.mcpsafe.org
/api/badge/exa-mcp-server-vuln.svg)](https://mcpsafe.org/registry/exa-mcp-server-vuln)
Need more customization options?Badge Documentation

Server Information

Source
GITHUB
Package
exa-mcp-server
Version
3.2.1
Language
typescript
License
MIT
Transport
STDIO
Added
Jan 20, 2026
Updated
Jul 13, 2026