portfolio-manager
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its workflow of ingesting untrusted data from the web.
  - Ingestion points: The skill uses WebSearch to fetch fundamental data, analyst ratings, and recent company news in Step 2.2 of SKILL.md.
  - Boundary markers: There are no explicit instructions to the agent to ignore or delimit instructions found within the retrieved news content.
  - Capability inventory: The agent has the capability to write files to the repository (Step 6) and perform network operations via the Alpaca MCP tools.
  - Sanitization: No sanitization or validation of the retrieved web content is specified before it is incorporated into the analysis context.
Audit Metadata