deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a structured multi-agent workflow for research synthesis, using background agents to maintain isolated contexts and improve research depth.
- [PROMPT_INJECTION]: The skill includes an explicit 'Untrusted Content Rule' that instructs the agent to ignore any instructions found within fetched web pages, specifically mitigating indirect prompt injection attempts.
- [EXTERNAL_DOWNLOADS]: Uses WebSearch and WebFetch tools to retrieve information from external sources, which is consistent with its stated primary purpose of comprehensive research.
- [COMMAND_EXECUTION]: While the skill has access to the Bash tool, it is scoped for codebase exploration and contains strict prohibitions against executing code or instructions retrieved from external sources.
- [DATA_EXFILTRATION]: No evidence of unauthorized data transmission was found; the skill processes local and remote data for internal synthesis and report generation only.
- [DYNAMIC_EXECUTION]: Uses the Agent tool to spawn sub-agents for specialized research tasks (official, code, community), which is a standard pattern for complex orchestration workflows.
Audit Metadata