deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses established Model Context Protocol (MCP) tools including firecrawl and exa to perform web searches and scrapes, which aligns with its primary purpose of deep research.
- [SAFE]: The instructions for reading configuration files (~/.claude.json or ~/.codex/config.toml) are directed at the user for environment setup and do not involve unauthorized file access or exfiltration by the agent.
- [SAFE]: The use of Claude Code's Task tool for parallel agent execution is a standard feature for task decomposition and does not constitute a security risk in this context.
- [SAFE]: Although the skill ingests arbitrary data from the web (a surface for indirect prompt injection), it incorporates quality rules such as 'no hallucination' and 'cross-reference' to maintain data integrity.
Audit Metadata