research-deep

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE

Findings: COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes a Python script (validate_json.py) located at /home/weizhena/.codex/skills/research/ to verify research output. This is a vendor-provided tool used within the researcher's local environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests content from outline.yaml and fields.yaml to generate prompts and command arguments without sanitization or boundary markers.
  • Ingestion points: Data is read from outline.yaml (Step 1) and fields.yaml (Step 3) in the current working directory.
  • Boundary markers: No delimiters or safety instructions are used to wrap the interpolated YAML content in the prompt template.
  • Capability inventory: The skill possesses the capability to execute shell commands via the python interpreter to run the validation script.
  • Sanitization: No validation, escaping, or filtering is applied to the YAML values before they are used to build the command-line string or the agent prompt.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 07:06 PM