Skills
skills/terrylica/cc-skills/gemini-deep-research/Gen Agent Trust Hub

gemini-deep-research

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bun runtime to execute its own internal TypeScript scripts (e.g., scripts/research.ts) for browser automation tasks.\n- [EXTERNAL_DOWNLOADS]: Mentions the requirement for the playwright-core library, a well-known and trusted package used for browser control.\n- [DATA_EXFILTRATION]: Automates interaction with the well-known service gemini.google.com via a local Chrome DevTools Protocol (CDP) connection.\n- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection due to its processing of untrusted data from the web via Gemini.\n
  • Ingestion points: Large-form markdown research reports are extracted from the Gemini web interface by the scripts/research.ts script.\n
  • Boundary markers: The skill documentation does not specify the use of delimiters or instructions to ignore commands embedded within the retrieved research results.\n
  • Capability inventory: The skill environment permits the use of powerful tools including Bash, Read, Write, Glob, and Grep.\n
  • Sanitization: No sanitization, filtering, or verification procedures are mentioned for the content retrieved from the research session.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 01:06 AM