deep-research
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill orchestrates its multi-agent workflow by calling several local utility scripts (e.g.,
deep-research-bootstrap.shanddeep-research-deliver.sh) to manage workspace tasks and finalize deliverables. - [EXTERNAL_DOWNLOADS]: The
fetch-fredcommand inscripts/research_quant_toolkit.pyutilizes therequestslibrary to download economic data from the official St. Louis Fed (FRED) CSV data service. - [REMOTE_CODE_EXECUTION]: The skill includes a calculation utility in
scripts/research_quant_toolkit.pythat useseval()to evaluate user-supplied mathematical expressions. The implementation usesast.parse()to strictly limit allowed operations to safe mathematical nodes and executes the code with no built-in functions available to prevent arbitrary code execution. - [SAFE]: Implements a structured research methodology with automated reference normalization and integrity checks (via
deep_research_reference_guard.py) to ensure that all generated research findings are verifiable and derived from legitimate sources.
Audit Metadata