deep-research-agent
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any detected malicious patterns, obfuscated code, or unauthorized network operations. It follows a structured workflow using internal resources and standard file management tools.
- [COMMAND_EXECUTION]: The skill executes provided local Python scripts (init_research.py and md_to_html.py) to automate project setup and report rendering. These operations are restricted to the local research workspace and perform legitimate tasks necessary for the skill's primary function.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection due to its core function of processing external research data.
  - Ingestion points: Research data gathered from external searches is stored in the materials/raw/ directory.
  - Boundary markers: The skill lacks explicit delimiters or instructions to ignore commands embedded within the gathered research materials.
  - Capability inventory: The agent possesses file system access (file_write, file_update) and the ability to execute its internal Python scripts.
  - Sanitization: While the md_to_html.py script performs HTML escaping for final rendering, no sanitization or validation is applied to the research data before it is processed by the agent to generate report content.
Audit Metadata