deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses tools like WebSearch, WebFetch, and Bash to perform its stated research functions. These operations are aligned with the skill's purpose and follow a structured validation process.
- [DATA_EXPOSURE]: Access to local files is restricted to specific directories within ".claude/context/" for report generation and memory management, which is standard practice for this type of agent skill.
- [COMMAND_EXECUTION]: The provided Node.js scripts (main.cjs and hooks) are currently scaffolds with no dangerous logic or external command execution beyond basic logging and help output.
- [REMOTE_CODE_EXECUTION]: No evidence of remote script execution or unverifiable package installation was found. The use of "pnpm search:code" is consistent with searching local prior art as described in the methodology.
Audit Metadata