tracking-crypto-prices
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection attack surface (Category 8).
- Ingestion points: External market data, including coin names and descriptions, is fetched from the CoinGecko and Yahoo Finance APIs within
scripts/api_client.py. - Boundary markers: The output formatting logic in
scripts/formatters.pydoes not implement delimiters or explicit instructions to prevent the agent from following potential commands embedded in the fetched data. - Capability inventory: The skill is permitted to use
Bash(python:*),Read, andWritetools, which provide a vector for exploitation if the ingested data is manipulated. - Sanitization: No filtering or sanitization is applied to the content of the API responses prior to presentation to the agent.
Audit Metadata