deep-research
Warn
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes an installation script (
scripts/install.sh) that executes shell commands to configure the local environment, create directories, and copy files into agent-specific configuration paths (e.g.,~/.claude/skills). - [COMMAND_EXECUTION]: In the report generation phase, the agent is instructed to dynamically generate a Python script (
generate_report.py) and immediately execute it using theBashtool to transform research findings into a final report. - [EXTERNAL_DOWNLOADS]: The installation process fetches external resources, including cloning a repository from GitHub and installing the
pyyamlpackage from a public registry to support the deep-research validation logic. - [PROMPT_INJECTION]: The workflow relies heavily on ingesting untrusted data from the open web via search results. While a validation script (
validate_json.py) is used to verify JSON structure, the skill is subject to indirect prompt injection risks where malicious content in searched web pages could attempt to influence the agent's downstream behavior or report generation.
Audit Metadata