deep-research
Warn
Audited by Snyk on Mar 8, 2026
Risk Level: MEDIUM
Full Analysis
MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).
- Third-party content exposure detected (high risk: 0.90). The skill explicitly delegates cache-miss/refresh research to a "deep-researcher" agent that uses EXA web_search and code-context tools to fetch public web content (see SKILL.md "Agent Delegation" and WORKFLOW.md step 3b: "web_search_exa for concepts & guides"), meaning the agent reads untrusted third‑party web content which can influence its research outputs, caching, and promotion actions.
Audit Metadata