market-index
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface. The skill processes and displays untrusted data (market questions, descriptions, and URLs) from external platforms like Polymarket and Kalshi.\n
- Ingestion points: External market data is ingested through the
indexService.syncandindexService.searchcalls withinindex.ts.\n - Boundary markers: The output generated in
index.tsdoes not use delimiters or explicit instructions to the agent to treat the market data as untrusted, increasing the risk of the agent following instructions embedded in market titles.\n - Capability inventory: The skill utilizes an internal service that performs network requests and maintains a local database (
market-index.db).\n - Sanitization: There is no evidence of sanitization or filtering of the external strings before they are returned to the agent context.
Audit Metadata