deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or critical security vulnerabilities were detected.
- [DATA_EXFILTRATION]: The skill transfers local files and user queries to the Google Gemini API. This interaction with a well-known service is the core functionality of the research tool and is documented accordingly.
- [EXTERNAL_DOWNLOADS]: External Python dependencies such as
google-genaiandrichare managed throughuv runand retrieved from official registries. - [PROMPT_INJECTION]: The skill processes external data (local files and previous research), creating a surface for indirect prompt injection.
- Ingestion points: Processes local project files via context stores and previous research results via the
--follow-upflag inscripts/research.py. - Boundary markers: Uses
<previous_findings>tags to separate historical data from the current query instructions. - Capability inventory: Includes file system access (read/write for reports and state) and network operations to the Google Gemini API.
- Sanitization: Includes logic in
scripts/research.pyto escape backticks and remove injection-prone tags from historical research data to prevent hijacking of the new research session.
Audit Metadata