deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- PROMPT_INJECTION (SAFE): The user input gathered in scripts/run_deep_research.py is intended to be the actual prompt for a research agent. While this is an indirect ingestion surface, it is the primary function of the tool. There are no attempts to bypass safety filters or ignore prior instructions in the skill itself.
- DATA_EXPOSURE (SAFE): The skill uses a .env file to manage the OPENAI_API_KEY. This is standard developer practice. No evidence was found of exfiltrating sensitive local files or hardcoding real secrets.
- UNVERIFIABLE_DEPENDENCIES (SAFE): The project depends on the official openai Python package. No malicious remote script executions or suspicious third-party packages were detected.
- COMMAND_EXECUTION (SAFE): scripts/run_deep_research.py uses subprocess.run to call assets/deep_research.py. This is used for legitimate internal orchestration and uses argument lists to prevent shell injection.
- PERSISTENCE (SAFE): No attempts to modify system startup files or cron jobs were detected.
- OBFUSCATION (SAFE): The code is clear and does not use encoding or hidden characters to mask behavior.
Audit Metadata