Skills
skills/broomva/deep-dive-research-skill/deep-dive-research-orchestrator/Gen Agent Trust Hub

deep-dive-research-orchestrator

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill configuration in SKILL.md requests broad permissions for Bash(curl *) and Bash(grep *), allowing the agent to execute shell commands and perform arbitrary network requests.
  • [EXTERNAL_DOWNLOADS]: The README.md and INSTALLATION.md files provide instructions to download and install multiple external skills from various community repositories to enable core functionality.
  • [REMOTE_CODE_EXECUTION]: The installation process promotes the use of npx skills add to fetch and execute code from third-party GitHub accounts (e.g., eng0ai, ognjengt, sickn33) which are integrated into the research workflow.
  • [PROMPT_INJECTION]: The skill processes untrusted content from the internet via WebSearch and WebFetch, creating a surface for indirect prompt injection.
  • Ingestion points: WebSearch and WebFetch tools are used by all specialist agents to retrieve data from external websites.
  • Boundary markers: While the skill enforces citation rules and quality gates, it lacks explicit instruction boundary markers to prevent malicious instructions in web content from influencing agent behavior.
  • Capability inventory: The agents have access to powerful tools including Bash(curl *), Write, and Task for managing sub-processes.
  • Sanitization: No explicit sanitization or filtering of retrieved web content is documented in the orchestration or agent logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 25, 2026, 12:05 AM