deep-research

该技能目的与能力大体一致：围绕调研 outline 批量检索、写入结果并校验文件。主要风险不在恶意外传，而在于处理不受信任网页内容时同时拥有写文件、执行命令和并行子代理能力，且禁用 task output 降低透明度，因此应判定为 SUSPICIOUS 而非 BENIGN。

SUSPICIOUS. The skill’s core purpose is coherent for research orchestration, but it combines untrusted web content, background sub-agents with write access, and suppressed task output, creating disproportionate integrity risk for a research workflow. No clear credential harvesting or malicious exfiltration is present, but the visibility-reduction and autonomous agent design make it medium risk.