deepwork
Pass
Audited by Gen Agent Trust Hub on Jun 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns, hidden code, or unauthorized operations were found. The skill serves as a process guide for complex tasks.- [DATA_EXFILTRATION]: The skill uses a local directory .slim/deepwork/ for persistent state. It includes specific defensive instructions to exclude this directory from Git repositories via .gitignore, following security best practices.- [PROMPT_INJECTION]: Evaluation of indirect prompt injection surface: 1. Ingestion points: Data entering the workflow via @librarian (external research). 2. Boundary markers: None specified for the deepwork file content. 3. Capability inventory: Orchestration and delegation logic. 4. Sanitization: Risk is mitigated through required reconciliation steps and mandatory review gates by a separate agent (@oracle) before execution.
Audit Metadata