deep-research
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. It ingest untrusted data from multiple external sources including
WebSearchresults,web_readercaptures, andalphaCLI outputs. While the skill employs a 'Reviewer' agent to detect biases and errors, it lacks explicit instruction-isolation boundaries to prevent malicious commands embedded in external content from influencing the agent's logic during the drafting or review phases. - [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to interact with thealphaCLI utility (e.g.,alpha get <ID>,alpha code <url>). These commands are used to perform academic research and analyze code repositories. Execution of shell commands based on IDs or URLs extracted from search results represents a standard but notable capability. - [EXTERNAL_DOWNLOADS]: The skill's documentation (references/tool-map.md) specifies a dependency on the
@companion-ai/alpha-hubNPM package, which must be installed globally to enable academic paper analysis features.
Audit Metadata