company-analyzer
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSCREDENTIALS_UNSAFE
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it fetches unvetted company descriptions and financial summaries from Yahoo Finance and SEC EDGAR and interpolates them directly into LLM prompts.
- Ingestion points:
fetch_data.shretrieves thelongBusinessSummaryfield from Yahoo Finance and company facts from SEC EDGAR. - Boundary markers: Absent; external data is placed under a "Raw Data" header in
run-framework.shwithout delimiters or instructions to ignore embedded commands. - Capability inventory: The skill can write files to the
assets/directory, execute local bash scripts, and perform network requests viacurl(as seen infetch_data.sh). - Sanitization: No sanitization or filtering is applied to the text content retrieved from external APIs before it is sent to the LLM.
- [COMMAND_EXECUTION]: The skill relies on the execution of multiple local bash scripts (
analyze-pipeline.sh,fetch_data.sh,run-framework.sh) to orchestrate its 8-stage analysis pipeline. - [EXTERNAL_DOWNLOADS]: Fetches structured financial data from well-known and trusted services, including Yahoo Finance (
query2.finance.yahoo.com), SEC EDGAR (data.sec.gov), and Alpha Vantage (alphavantage.co). - [CREDENTIALS_UNSAFE]: The script
fetch_data.shaccesses the user's Alpha Vantage API key from the OpenClaw configuration file located at~/.openclaw/agents/main/agent/auth-profiles.json. While this is a documented feature of the skill, it involves reading sensitive credential files.
Audit Metadata