deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [Prompt Injection] (LOW): The skill's ingestion and synthesis of untrusted external data for research purposes creates a surface for indirect prompt injection.
  1. Ingestion points: Web search results from forum.juce.com and GitHub issues as defined in the Level 2 and Level 3 research protocols (references/research-protocol.md).
  2. Boundary markers: The provided report templates in the assets/ directory do not include structural delimiters or specific instructions to ignore malicious embedded content within the ingested data.
  3. Capability inventory: The skill utilizes local Grep for file searching, WebSearch for network retrieval, and a Task tool for spawning subagents with high-level model access (Claude Opus).
  4. Sanitization: No sanitization, escaping, or validation of external input is implemented in the synthesis logic.
- [No Code] (SAFE): No executable files, such as Python or JavaScript scripts or binary executables, were detected in the skill payload; the skill consists of documentation and configuration files.
Audit Metadata