deep-research
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by ingesting and processing content from external, untrusted search tools.\n
- Ingestion points: Research results obtained from Sourcebot, Context7, and Perplexity.\n
- Boundary markers: The instructions do not specify any delimiters or safety prompts to distinguish external data from system instructions during processing.\n
- Capability inventory: The skill utilizes tools including
codebase_searchfor local exploration and variousmcp__zentools for architectural analysis and code refactoring.\n - Sanitization: There is no evidence of content sanitization or validation of the external research data before it is used to synthesize analysis or implementation plans.
Audit Metadata