The Agent Skills Directory

[COMMAND_EXECUTION]: The skill uses subprocess.run in scripts/run_deep_research.py to execute its core API client script.
Evidence: The command is executed using a list of arguments and shell=False (default), which prevents shell injection vulnerabilities.
[EXTERNAL_DOWNLOADS]: The skill makes network requests to OpenAI's API as part of its primary functionality.
Evidence: assets/deep_research.py utilizes the openai Python package to perform research and web search operations.
[CREDENTIALS_UNSAFE]: The skill appropriately handles sensitive credentials by using environment variables.
Evidence: The API key is retrieved via os.environ.get('OPENAI_API_KEY'), supporting secure configuration through .env files or environment settings without hardcoding secrets.
[SAFE]: The skill's architecture for handling long-running tasks and saving research results to local markdown files follows standard developer tool patterns and presents no significant security risks.

deep-research