deep-research-academic
Pass
Audited by Gen Agent Trust Hub on Apr 1, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the built-in WebSearch and WebFetch tools to retrieve information for research purposes. These operations are performed as part of the primary research function and do not download executable code.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute several local Python scripts (validate_report.py, verify_citations.py, md_to_html.py) which are included as part of the skill's own package. These scripts are used for content validation, citation verification (via DOI.org), and formatting, posing no security risk to the host environment.
- [DATA_EXFILTRATION]: No exfiltration patterns were detected. Data retrieved from the web is processed locally to generate reports saved in the user's ~/Documents folder. Sensitive system files or credentials are not accessed.
- [PROMPT_INJECTION]: The skill contains robust instructions to prevent hallucinations and ensure source grounding. It does not contain instructions to bypass agent safety filters or override system behavior in a malicious way. The 'AUTONOMY PRINCIPLE' mentioned in the instructions is a benign guideline for independent task execution.
- [REMOTE_CODE_EXECUTION]: No remote code execution vectors were found. The skill relies on standard library Python modules and built-in agent tools for its functionality.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for untrusted data (web search results). However, it implements several security and quality checks, including source credibility scoring (0-100), DOI resolution, and automated quality validation to mitigate the risk of processing malicious instructions embedded in external content.
Audit Metadata