deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill leverages EXA web search tools to retrieve technical information and concepts. This is the core functionality of the skill and utilizes a well-known research service for information gathering.
- [COMMAND_EXECUTION]: Executes a local
gitcommand to resolve the repository's top-level directory. This is used for project-scoped caching and is implemented safely using a fixed argument list insubprocess.runwithout shell invocation. - [SAFE]: Manages research results through local file operations in
~/.claude/plugins/research/and the project'sdocs/research/folder. All file paths are constructed using a slug normalization process that sanitizes input and prevents directory traversal vulnerabilities.
Audit Metadata