deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill directs the agent to gather information from a broad range of external, untrusted sources such as social media, blogs, and forums, which is a known vector for indirect prompt injection.\n
- Ingestion points: methodology.md (specifies searches across Google, Bing, Reddit, HN, and Twitter/X).\n
- Boundary markers: Absent; there are no instructions to use delimiters or specific safety markers for processed data.\n
- Capability inventory: SKILL.md (no executable files or subprocess logic provided).\n
- Sanitization: Absent; no instruction-filtering or sanitization logic is present to handle malicious strings in web content.\n- [NO_CODE]: The skill consists entirely of markdown instructions and JSON metadata. No Python or Node.js scripts are included, eliminating the risk of system-level exploitation or unauthorized script execution within the skill itself.
Audit Metadata