deep-research

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection vulnerability surface. The skill is designed to fetch external data using webfetch and gh_grep and subsequently process that data with tools like bash and write. It lacks specific boundary markers or instructions to the agent to treat external content as data rather than instructions, creating a surface where a malicious website or repository could control the agent.
    • Ingestion points: Web content from webfetch, repository data from gh_grep.
    • Boundary markers: Absent. No specific delimiters or 'ignore instructions' warnings are provided.
    • Capability inventory: bash (command execution), write (file modification), webfetch (network access), skill_use (dynamic loading).
    • Sanitization: Absent.
  • [COMMAND_EXECUTION] (SAFE): The skill includes access to a bash tool for data processing. While powerful, the skill provides legitimate use-cases (data processing/statistical analysis) and instructs the agent to use it sparingly. No malicious commands are hardcoded.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill utilizes webfetch and gh_grep to retrieve data. This behavior is consistent with the primary purpose of a research skill and does not include hardcoded malicious URLs.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:13 PM