deep-research

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses uvx and uv run to execute shell commands for web searching and content retrieval.
  • [EXTERNAL_DOWNLOADS]: Dynamically installs and runs the web-forager and ddgs packages from public registries at runtime to perform research tasks.
  • [EXTERNAL_DOWNLOADS]: Fetches web content through r.jina.ai, an external well-known service used to convert HTML pages into LLM-friendly markdown.
  • [PROMPT_INJECTION]: Presents an indirect prompt injection surface (Category 8) because it ingests untrusted data from the web.
      • Ingestion points: Content fetched from arbitrary URLs via web-forager or jina.ai as described in SKILL.md.
      • Boundary markers: Absent; the instructions do not include specific delimiters or warnings to ignore instructions found within fetched web pages.
      • Capability inventory: Subprocess execution via uvx and uv run, and network operations via curl.
      • Sanitization: None; the skill relies on the agent's internal safety guardrails to process external content safely.
Audit Metadata
Risk Level: SAFE
Analyzed: Jun 13, 2026, 01:24 AM
Security Audit — agent-trust-hub — deep-research