deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guardrails was found. The instructions are focused exclusively on improving research quality and structural integrity.\n- [DATA_EXFILTRATION]: No sensitive local data access or unauthorized network transmissions were detected. Network access is restricted to legitimate web search and content fetching as required for the skill's primary function.\n- [OBFUSCATION]: No obfuscated code, encoded strings, or hidden characters were found in the skill's documentation, templates, or configuration files.\n- [REMOTE_CODE_EXECUTION]: The skill does not download or execute untrusted remote scripts. Tool usage is limited to established search and fetch capabilities within the agent environment (e.g., WebSearch, WebFetch, Firecrawl, Exa).\n- [INDIRECT_PROMPT_INJECTION]: The skill has a defined surface for indirect prompt injection as it ingests untrusted content from the web. However, this is inherent to its purpose and is mitigated by the 'Anti-Hallucination Protocol' in 'references/quality-standards.md'.\n
- Ingestion points: External web content is ingested via web fetch tools in
SKILL.md(Phase 3: Read).\n - Boundary markers: The skill relies on narrative cross-referencing and quality gate checklists rather than technical delimiters for fetched data.\n
- Capability inventory: The skill possesses
filesystemWriteandshellcapabilities as specified inskill.jsonfor report generation and tool orchestration.\n - Sanitization: The workflow emphasizes source verification and tiering rather than technical sanitization of external markup.
Audit Metadata