gemini-deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill performs network operations exclusively with the official Google Generative Language API endpoints (googleapis.com), which is a trusted technology provider.
- [EXTERNAL_DOWNLOADS]: The Python script utilizes the standard
requestslibrary to handle interactions with the Gemini API. - [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection due to its core function of retrieving and processing untrusted content from the public web.
- Ingestion points: The script
scripts/deep_research.pyingests research results gathered from the web by the Gemini Deep Research agent. - Boundary markers: There are no explicit delimiters or specific instructions within the script to prevent the agent from following commands that might be embedded in the retrieved web content.
- Capability inventory: The script has capabilities to perform network requests (
requests.post/requests.get) and write research reports to the local file system (Path.write_text). - Sanitization: The skill does not perform local sanitization of the synthesized reports, instead relying on the safety filters built into the Gemini API.
Audit Metadata