skills/ruvnet/ruflo/deep-research/Gen Agent Trust Hub

deep-research

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The instructions direct the agent to use the Bash tool to analyze the codebase (e.g., using grep and find), which involves executing shell commands in the local environment.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes WebSearch and WebFetch to download and ingest content from external web sources, reaching out to non-whitelisted domains during its research phase.
  • [PROMPT_INJECTION]: The skill possesses an inherent attack surface for indirect prompt injection as it processes and synthesizes content from external websites without boundary markers.
      ◦ Ingestion points: Untrusted data enters the agent context via WebSearch and WebFetch (SKILL.md).
      ◦ Boundary markers: The skill lacks instructions for using delimiters or explicit "ignore instructions" directives for content retrieved from external sources.
      ◦ Capability inventory: The skill enables the use of Bash, Write, and WebFetch, which provide a significant capability set that could be targeted by instructions hidden in external data (SKILL.md).
      ◦ Sanitization: No validation or sanitization steps are provided for external content before it is used in synthesis or stored in memory.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 08:04 AM