deep-research
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: Executes Python validation and conversion scripts, along with system utilities like 'date' and 'mkdir' to manage research state and report file organization within the user's Documents and skill-specific output directories.
- [EXTERNAL_DOWNLOADS]: Identifies optional dependencies including 'search-cli' (installed via Homebrew from the vendor's tap) and 'weasyprint' (installed via pip) to provide extended search and PDF export capabilities. These are documented as vendor-owned or standard utility resources.
- [DATA_EXFILTRATION]: The research workflow involves making outbound network requests for web searching and automated citation verification via 'doi.org' as part of the primary fact-checking functionality.
- [PROMPT_INJECTION]: While the skill ingests untrusted data from web searches, it implements a 'Source trust boundary' protocol in 'quality-gates.md' that explicitly instructs the agent to treat external content as data/quotes and never as instructions.
Audit Metadata