res-deep
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill downloads the 'uv' package manager installation script from 'astral.sh' and executes it via the shell. Astral is a well-known organization in the Python ecosystem, and this is their official installation method.
- [COMMAND_EXECUTION]: Utilizes the macOS 'security' command-line tool to manage a dedicated local keychain for API keys. This practice follows local security standards for credential storage.
- [PROMPT_INJECTION]: As a research tool, the skill possesses an inherent surface for indirect prompt injection from processed web content. * Ingestion points: Data enters the agent context through WebSearch, WebFetch, and the scrapling headless browser as defined in SKILL.md. * Boundary markers: The output templates in references/output-frameworks.md do not use explicit delimiters to isolate external research data. * Capability inventory: The skill is capable of executing local Python scripts and accessing the macOS keychain utility. * Sanitization: Content is synthesized using engagement-weighting logic rather than explicit string sanitization.
Audit Metadata