deep-research
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill leverages native platform tools (WebSearch/WebFetch) for their intended purpose and implements quality control measures to ensure citations and factual accuracy.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface (Category 8) due to the ingestion of untrusted web content. Evidence: (1) Ingestion points: The skill uses WebSearch and WebFetch tools in SKILL.md to retrieve external data. (2) Boundary markers: No specific delimiters or instructions to ignore embedded prompts are provided in the ResearchScout prompt templates. (3) Capability inventory: The skill is restricted to web research and synthesis tools; no high-risk capabilities like file system modification or code execution are present. (4) Sanitization: No explicit sanitization of fetched content is performed, though the workflow includes a 'validate and triangulate' phase to verify claims across multiple sources. This surface is considered safe given the skill's primary research purpose and lack of dangerous capabilities.
Audit Metadata