deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local script `scripts/research.py` to manage the research workflow, search logic, and interaction with the Gemini API.
- [EXTERNAL_DOWNLOADS]: The skill requires installing Python dependencies via `pip install -r requirements.txt` from a source repository (sanjay3290/ai-skills) that does not belong to a trusted organization or well-known vendor.
- [PROMPT_INJECTION]: The skill is designed to ingest and process untrusted external data, creating an indirect prompt injection surface.
  - Ingestion points: External websites, search results, and technical documents read during the research process.
  - Boundary markers: No delimiters or explicit instructions to ignore embedded commands within retrieved data are documented.
  - Capability inventory: The skill possesses network access via `httpx` and the ability to execute local scripts.
  - Sanitization: There is no evidence of sanitization or validation of external content before it is interpolated into prompts for synthesis.
Audit Metadata