deepvista-recipe-analyze-notes
Pass
Audited by Gen Agent Trust Hub on Apr 7, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes vendor-authorized CLI tools (
deepvista) to interact with notes. These commands are necessary for the skill's purpose and are used according to standard practices. - [DATA_EXFILTRATION]: While the skill reads user note content, the access is restricted to the platform's own tools. No evidence of unauthorized network transmission or exfiltration to external domains was found.
- [PROMPT_INJECTION]: The skill processes content from user notes, which represents a surface for indirect prompt injection. Ingestion points: Note content is fetched using
deepvista notes getinSKILL.md. Boundary markers: Absent; there are no instructions to isolate retrieved content or disregard embedded instructions. Capability inventory: The skill can search, read, and write data via thedeepvistaCLI. Sanitization: Absent; no content filtering is performed. This is a low-risk finding inherent to data-processing tasks.
Audit Metadata