deep-research
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (SAFE): The skill ingests untrusted data from the web as its primary function.
  1. Ingestion points: WebFetch and Playwright (SKILL.md, Phase 2 and 3).
  2. Boundary markers: Absent.
  3. Capability inventory: WebSearch, WebFetch, Playwright, Grep, Glob, Read.
  4. Sanitization: Absent.

  The risk is mitigated by the research workflow's requirement for cross-verification across multiple independent sources.
- [Data Exposure] (SAFE): Local file access tools (Grep, Glob, Read) are utilized specifically for codebase research. No attempts to access sensitive system files, environment variables, or hardcoded credentials were detected.
- [External Downloads] (SAFE): Network-based search and fetch operations are standard requirements for information gathering. No patterns of remote code execution, piped shell scripts, or suspicious package installations from untrusted sources were found.