deep-research-main

SUSPICIOUS. The skill’s purpose is coherent and there is no clear credential theft or malicious exfiltration, but it grants a research agent high autonomy, background subagent execution, and broad ingestion of untrusted web content while retaining file-write capability. The main risk is indirect prompt injection and over-broad tool inheritance, with additional privacy exposure if third-party MCP search services are used.