deep-research

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
Finding categories: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface
      ◦ Ingestion points: The skill accepts a user-defined --query and processes external information gathered during the "Deep Research" phase (SKILL.md).
      ◦ Boundary markers: The documentation does not specify the use of delimiters or specific instructions to the model to ignore embedded commands in the researched data.
      ◦ Capability inventory: The skill executes a local Python script (scripts/research.py) which utilizes httpx for network communication and generates synthesized reports (SKILL.md).
      ◦ Sanitization: No sanitization or filtering of external content is mentioned in the provided documentation.
  • [COMMAND_EXECUTION]: Local Script Execution
      ◦ The skill instructions direct the agent to execute a local script, python3 scripts/research.py, with various arguments (SKILL.md). While this is the primary mechanism of the skill's functionality, it involves running executable code provided within the skill package.
  • [CREDENTIALS_UNSAFE]: API Key Management
      ◦ The skill requires a GEMINI_API_KEY. The setup instructions correctly advise users to use environment variables or a .env file, which is considered a safe and standard practice for secret management (SKILL.md).
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 02:38 PM