Deep Agents Memory & Filesystem
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- Filesystem Access Capabilities: The skill defines tools for standard filesystem operations including reading, writing, and modifying files. These capabilities are intended for local development and are documented with specific safety warnings for web environments.
- Path Traversal Mitigations: The documentation highlights the use of virtual_mode to ensure that file operations remain restricted to a designated root directory, preventing access to sensitive system files.
- Approval Checkpoints: The implementation of human-in-the-loop interrupts for write and edit operations provides a security layer by requiring explicit authorization for state-changing actions.
- External Data Ingestion: By allowing agents to read local files, the skill creates a surface where external content can enter the agent's prompt context. This is a common pattern in retrieval-augmented agents and is managed here through isolated backends.
Audit Metadata