trade-prediction-markets
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates dynamic code generation and execution. It uses the mcp__workbench__create_prediction_market_strategy tool to generate Python logic which is then executed by mcp__workbench__run_prediction_market_backtest.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface. 1. Ingestion points: Untrusted data is ingested via get_all_prediction_events (market categories and descriptions) and get_prediction_market_data. 2. Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the defined tools or workflows. 3. Capability inventory: The skill has the capability to execute code via run_prediction_market_backtest and create strategies based on descriptions. 4. Sanitization: There is no documented validation or sanitization of market data before it is incorporated into strategy generation.
Audit Metadata