deep-reader
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a legitimate utility for document and web content analysis. All tools and commands described (such as summary, insights, and Mermaid mapping) are consistent with the skill's stated purpose.
- [INDIRECT_PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data (files and URLs), which is a common surface for indirect prompt injection. However, this is a standard operational risk for reader-type skills and is mitigated by the lack of high-risk capabilities.
- Ingestion points: File reading (PDF, DOCX, TXT, MD, EPUB) and web fetching via the WebFetch tool in SKILL.md.
- Boundary markers: No explicit delimiters or instructions are used to separate the ingested content from the agent's internal instructions.
- Capability inventory: The skill is restricted to generating text and Mermaid diagrams; it has no capabilities for shell execution, sensitive file writes, or credential access.
- Sanitization: The skill does not perform specific sanitization of the input data before processing, relying on the model's inherent safety guardrails.
Audit Metadata