deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): No malicious patterns, obfuscation, or data exfiltration attempts were detected.
- Credential Security: The skill correctly implements API key retrieval via environment variables, avoiding the risk of hardcoded secrets.
- Network Operations: The script exclusively communicates with official Google API endpoints (ai.google.dev), which are categorized as trusted.
- File Handling: Local file system operations are limited to reading user-specified research context and writing output reports, matching the tool's intended purpose.
- Indirect Prompt Injection (LOW): The skill features a data ingestion surface where external file content is processed by the AI.
  1. Ingestion points: `scripts/research.py` via the `--file` parameter.
  2. Boundary markers: Absent in the prompt construction.
  3. Capability inventory: Recursive file reading, network uploads to Gemini APIs, and local file creation.
  4. Sanitization: None. This risk is acknowledged but considered inherent to the skill's primary function of document-based research.
Audit Metadata