deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill implements a legitimate research workflow using built-in tools for their intended purpose. It does not contain hardcoded credentials, obfuscated logic, or unauthorized system commands.
- [PROMPT_INJECTION]: Indirect Prompt Injection Risk Assessment:
- Ingestion points: Untrusted content is fetched from the web via the WebFetch tool.
- Boundary markers: There are no explicit delimiters defined in the instructions to separate fetched content from system instructions.
- Capability inventory: The skill has access to WebSearch and WebFetch tools.
- Sanitization: No specific filtering or sanitization steps are defined for processing external web data.
- Note: While this establishes a standard attack surface for web-based research skills, there is no evidence of malicious intent or instructions within the skill itself.
Audit Metadata