deep-research

Warn

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill includes an installation script (scripts/install.sh) that executes shell commands to configure the local environment, create directories, and copy files into agent-specific configuration paths (e.g., ~/.claude/skills).
  • [COMMAND_EXECUTION]: In the report generation phase, the agent is instructed to dynamically generate a Python script (generate_report.py) and immediately execute it using the Bash tool to transform research findings into a final report.
  • [EXTERNAL_DOWNLOADS]: The installation process fetches external resources, including cloning a repository from GitHub and installing the pyyaml package from a public registry to support the deep-research validation logic.
  • [PROMPT_INJECTION]: The workflow relies heavily on ingesting untrusted data from the open web via search results. While a validation script (validate_json.py) is used to verify JSON structure, the skill is subject to indirect prompt injection risks where malicious content in searched web pages could attempt to influence the agent's downstream behavior or report generation.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 25, 2026, 12:14 PM
Security Audit — agent-trust-hub — deep-research