sn-deep-research
Pass
Audited by Gen Agent Trust Hub on Apr 29, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the openssl rand -hex 2 command to generate a short hexadecimal string for unique directory naming. This is a restricted use of the shell for a specific utility task.
- [EXTERNAL_DOWNLOADS]: The skill relies on a web_search tool to retrieve research data from the internet. This is a core part of its intended functionality.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from web searches. 1. Ingestion points: External data enters the context via the web_search tool results. 2. Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands within search results. 3. Capability inventory: The skill has permissions to read/write files in the workspace, execute the openssl command, and perform web searches. 4. Sanitization: No explicit sanitization or filtering of search content is mentioned before it is synthesized into reports.
Audit Metadata