deep-research
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill is designed for academic research automation and follows a structured 6-phase orchestration workflow.
- [PROMPT_INJECTION]: All agent instructions (e.g., socratic_mentor_agent, research_question_agent) were analyzed for bypass markers or jailbreak attempts. The instructions focus on academic rigor, citation integrity, and Socratic questioning without attempting to override system safety guidelines.
- [DATA_EXFILTRATION]: No hardcoded credentials or unauthorized network exfiltration patterns found. References to external databases and monitoring services (e.g., PubMed, Google Scholar, Retraction Watch, OSF) are legitimate academic tools used for the stated research purpose.
- [REMOTE_CODE_EXECUTION]: The skill does not contain any installation scripts, shell command execution placeholders, or remote code execution patterns. It utilizes roleplay instructions for the AI to simulate a research team rather than executing external code.
- [DYNAMIC_CONTEXT_INJECTION]: No use of dynamic context injection placeholders (`!command`) detected in the SKILL.md file.
- [INDIRECT_PROMPT_INJECTION]: While the skill ingests external research content (papers, reports), it lacks the dangerous capabilities (such as filesystem write or shell access) that would allow an attacker to exploit the agent via processed data. The inclusion of source verification and ethical appraisal agents provides additional defensive layers.