deepthink
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The skill invokes a local Python script (
python3 -m skills.deepthink.think) to manage its internal reasoning steps. - Evidence: Seen in
SKILL.mdvia the<invoke>tag. - Context: This is the primary intended purpose of the skill and does not involve any dangerous parameters or shell injection vectors.
- [PROMPT_INJECTION] (SAFE): While the skill uses strong instructional language (e.g., 'Invoke IMMEDIATELY', 'Do NOT explore'), these are workflow directives to ensure the agent uses the intended script rather than attempting to bypass safety or behavioral constraints.
- [REMOTE_CODE_EXECUTION] (SAFE): No remote code execution or external downloads were detected. All execution is limited to the skill's own local scripts.
- [DATA_EXFILTRATION] (SAFE): No network-capable commands (curl, wget) or sensitive file paths were identified in the instruction files.
Audit Metadata