deep-learning
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows its stated purpose of orchestrating deep learning workflows without any detected malicious patterns or security bypasses.
- [EXTERNAL_DOWNLOADS]: The skill fetches external web content using the well-known Jina Reader service (r.jina.ai). This is a standard and safe method for extracting clean text from URLs for AI processing.
- [COMMAND_EXECUTION]: The implementation executes local bash scripts and the 'notebooklm' CLI tool to manage notebooks and generate artifacts such as reports, podcasts, and slides.
- [DATA_EXPOSURE]: The skill reads and writes to specific local directories (~/.openclaw/workspace/deep-learning-output and a user-configured Obsidian vault) to manage and store research results. These operations are transparent and consistent with the skill's functionality.
- [PROMPT_INJECTION]: Includes a library of prompt templates (e.g., in config/prompts/basic.md) used to guide AI analysis. These are legitimate instructional prompts for summarizing and explaining concepts and do not contain malicious instructions.
- [INDIRECT_PROMPT_INJECTION]: Because the skill ingests content from the web, it has an indirect prompt injection surface: malicious instructions on a webpage could theoretically influence the downstream NotebookLM generation. However, this is a known risk for any web-scraping tool, and the skill itself implements no malicious code to exploit it.
Audit Metadata