If the exit node is compromised you’re fcked for good.*
It's not that simple, otherwise there wouldn't be any value in using an Onion architecture. Assuming you're using HTTPS, which every decent search engine supports, they either also need to create a fake but acceptable certificate for the domain, or to also control entry nodes and match the entering requests with the exit ones.
The NSA might be able to do it, but it's not just a matter of controlling an exit node.
It's not that simple, otherwise there wouldn't be any value in using an Onion architecture. Assuming you're using HTTPS, which every decent search engine supports, they either also need to create a fake but acceptable certificate for the domain, or to also control entry nodes and match the entering requests with the exit ones.
The NSA might be able to do it, but it's not just a matter of controlling an exit node.