deep-research
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a standard research procedure, including scoping, data collection, verification, and report generation. No malicious patterns such as credential theft, persistence, or obfuscation were detected.
- [PROMPT_INJECTION]: The skill contains an attack surface for indirect prompt injection as it processes external content from the web to perform its research task.
- Ingestion points: External data enters the agent context through the WebSearch and WebFetch tools mentioned in the process section of SKILL.md.
- Boundary markers: The instructions do not define specific delimiters or instructions to ignore embedded commands in the fetched web content.
- Capability inventory: The skill utilizes WebSearch, WebFetch, and Read tools, and it is instructed to write reports to the project's 02-research/ folder.
- Sanitization: No specific sanitization or filtering logic for external content is provided in the instructions.
Audit Metadata