deep-research

Fail

Audited by Snyk on Jun 25, 2026

Risk Level: CRITICAL
Full Analysis

CRITICAL E005: Suspicious download URL detected in skill instructions.

  • Suspicious download URL detected (high risk: 0.70). Both URLs point to personal GitHub repositories that include install scripts (npx/git/pip operations and file-copying) — while GitHub is a common distribution channel, pulling and executing code from unverified/unknown accounts without reviewing the scripts or running in a sandbox presents a moderate security risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

  • Third-party content exposure detected (high risk: 0.95). The required runtime path for the deep phase (/research-deepdeep-pipeline.md) delegates each item to the web-search agent (web-search-pipeline.md), which performs runtime web fetching/search across outsider-authored public sources (e.g., GitHub Issues, Reddit, Stack Overflow, academic indexes), and ingests their readable text into the agent’s LLM context for synthesis.

Issues (2)

E005
CRITICAL

Suspicious download URL detected in skill instructions.

W011
MEDIUM

Third-party content exposure detected (indirect prompt injection risk).

Audit Metadata
Risk Level
CRITICAL
Analyzed
Jun 25, 2026, 12:14 PM
Issues
2
Security Audit — snyk — deep-research