deep-research

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes standard shell commands such as mkdir for creating research directory structures and grep or glob for searching through local research data and previous projects.
  • [EXTERNAL_DOWNLOADS]: Fetches scientific metadata and abstracts from the OpenAlex API using curl. It also gathers web content via web-search and scrape-webpage based on user-defined research topics.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface as it processes untrusted content from the web and third-party APIs.
    • Ingestion points: External data is ingested through the scrape-webpage tool and curl responses from the OpenAlex API.
    • Boundary markers: The 'Search-Read-Extract' loop acts as a functional boundary by saving raw content to the filesystem and only processing distilled 'notes' within the primary context.
    • Capability inventory: Includes filesystem access (mkdir, grep), networking (curl), and web search/scraping tools.
    • Sanitization: There are no explicit instructions for sanitizing or filtering external content before the extraction of research findings.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 08:35 AM