Skills
skills/firecrawl/agent/deep-research/Gen Agent Trust Hub

deep-research

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [NO_CODE]: This skill consists of a single Markdown file containing instructions for search and extraction strategies. It does not include any executable scripts, shell commands, or package dependencies.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from external websites, which is a known vector for indirect prompt injection.
  • Ingestion points: Scraped content from web sources (SKILL.md).
  • Boundary markers: The instructions lack explicit delimiters or warnings to the agent to ignore instructions embedded in the external content.
  • Capability inventory: The skill utilizes search and extraction capabilities and structured data formatting via 'formatOutput'.
  • Sanitization: There are no instructions for sanitizing or filtering the content retrieved from external sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 12:20 AM
Security Audit — agent-trust-hub — deep-research