unifuncs-deep-search

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The script deep-search-report.py uses subprocess.Popen to spawn a background process of itself. This implementation allows the skill to continue receiving streaming API responses even if the initial agent interaction times out. The command is executed as a list using sys.executable, which avoids shell injection vulnerabilities.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the official UniFuncs API (api.unifuncs.com) to submit search queries and retrieve results. These network operations are core to the skill's primary function and target the vendor's own infrastructure.
  • [PROMPT_INJECTION]: The skill processes external search data from the web, which constitutes an indirect prompt injection surface. The risk is minimized by the skill's targeted use case and standard agent guardrails.
      • Ingestion points: Search report content is ingested from the UniFuncs API in deep-search-report.py and deep-search-query-task.py.
      • Boundary markers: Not explicitly defined in the scripts; the agent receives the search report text directly.
      • Capability inventory: Network access to api.unifuncs.com, self-invocation via subprocess, and temporary file persistence.
      • Sanitization: None; the tool provides raw search data for the agent to process.
  • [CREDENTIALS_UNSAFE]: The skill properly manages secrets by instructing users to set the UNIFUNCS_API_KEY environment variable, rather than hardcoding credentials or storing them in insecure local files.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 08:34 AM