deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): The skill is strictly instructional and defines research protocols using specialized search tools. No malicious behavior, unauthorized command execution, or credential leaks were detected.
- Indirect Prompt Injection (SAFE): Analysis of attack surface: 1. Ingestion points: The skill ingests untrusted external content from the web and GitHub via tools like
firecrawl_agentandoctocode_githubSearchCode. 2. Boundary markers: Absent; prompt instructions do not specify delimiters for external content. 3. Capability inventory: The agent interprets findings to generate task requirements and implementation patterns. 4. Sanitization: Absent; the content is synthesized directly by the LLM. The risk is minimized by the skill's specific use case and structured schema requirements for tool outputs.
Audit Metadata