deepagents-planning-todos
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE
Full Analysis
- SAFE (SAFE): No malicious patterns, obfuscation, or unauthorized access attempts were found across the 7 files analyzed. The code follows standard Python and AI agent development practices.
- Prompt Injection (SAFE): System instructions in agent.py and SKILL.md focus strictly on task decomposition and status management. No override or bypass markers are present.
- Data Exposure & Exfiltration (SAFE): Environment variables are handled via .env.example with standard placeholders. No sensitive file access or exfiltration logic was detected.
- Unverifiable Dependencies (SAFE): The pyproject.toml file specifies standard, reputable packages. No suspicious third-party packages or remote scripts are included. Usage of uv for environment management is standard.
- Indirect Prompt Injection (LOW): The agent processes data via simulated search and read tools. While this is an attack surface, the use of simulated outputs and the requirement for user approval on plans provide significant mitigation.
Audit Metadata