res-deep
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious patterns or security threats were identified. The skill is designed for research and uses standard developer tools and secure credential storage.
- [COMMAND_EXECUTION]: Employs the macOS security utility to create and access a dedicated keychain for storing xAI API keys. This practice avoids exposing secrets in plain text or shell history.
- [EXTERNAL_DOWNLOADS]: Recommends the installation of the uv tool from astral.sh. Astral is a recognized and trusted vendor in the Python ecosystem.
- [REMOTE_CODE_EXECUTION]: Includes setup instructions that pipe a script from astral.sh to sh for the installation of uv. This is a trusted source, and the pattern is common for this tool.
- [PROMPT_INJECTION]: As a tool for web research, the skill ingests and processes untrusted data from multiple sources like Reddit, X, and GitHub, which represents a surface for indirect prompt injection.
  - Ingestion points: Data is collected from Claude's WebSearch, WebFetch, and xAI API results.
  - Boundary markers: Not explicitly defined in the provided instructions.
  - Capability inventory: The skill can manage keychains, perform network requests, and write to local files.
  - Sanitization: Data is synthesized and weighted based on engagement signals rather than sanitized for malicious instructions.
Audit Metadata