NYC

deep-research

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION

Full Analysis
  • Indirect Prompt Injection (LOW): The skill fetches search results (titles and snippets) from the internet and feeds them directly into the agent's context. A malicious website could craft content that, when retrieved, attempts to override the agent's instructions.
      • Ingestion points: scripts/research.py uses the ddgs library to fetch web data.
      • Boundary markers: Absent; search results are interpolated into a Markdown report without explicit 'ignore' delimiters for the agent.
      • Capability inventory: The agent has access to powerful tools including Bash, Write, and Edit via SKILL.md.
      • Sanitization: None; the script performs no filtering or escaping of the retrieved web content.
  • Unverifiable Dependencies (LOW): The skill requires the installation of the ddgs Python package via pip. While common for this task, it introduces a dependency on external code that is not pinned to a specific version or hash.
  • Command Execution (SAFE): The skill uses the Bash tool to execute a local Python script (scripts/research.py). This is a standard and intended use of the tool for this skill's functionality.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 05:45 PM