deepseek
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The skill uses standard bash and curl commands to interact with the official DeepSeek API endpoints. There is no evidence of command injection or unsafe execution of untrusted input.
- [CREDENTIALS_UNSAFE] (SAFE): The skill handles the DEEPSEEK_API_KEY using environment variables and metadata declarations (vm0_secrets), which is the recommended secure method for managing secrets in this environment.
- [DATA_EXFILTRATION] (SAFE): Network activity is restricted to the official deepseek.com domain for the express purpose of using the service. No unauthorized data transfer or exfiltration to unknown third parties was found.
- [PROMPT_INJECTION] (SAFE): While the skill acts as a bridge to an external LLM, it does not include instructions that bypass safety filters or automatically execute code from the API's responses.
Audit Metadata