deep-research
Pass
Audited by Gen Agent Trust Hub on Apr 30, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill uses dynamic context injection in
SKILL.mdvia the commanddate +%Y-%m-%d. This is a benign operation used solely to scope research recency and establish report timestamps. - [SAFE]: The skill identifies and uses standard developer tools such as
pandocandmd-to-pdf(Node.js) for report generation. These are listed in theallowed-toolsfrontmatter and used for their intended purpose of format conversion. - [SAFE]: The skill defines a research loop that ingests external web data using
WebSearchandWebFetch. While this creates an indirect prompt injection surface, the skill implements strong defensive practices: it mandates multi-source validation for critical claims, requires inline citations for every assertion, and instructs the agent to flag source conflicts and low-confidence data explicitly. This reduces the risk of the agent adopting instructions or false data from a single malicious external source.
Audit Metadata