fin-guru-research
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Prompt Injection] (LOW): Indirect prompt injection surface detected. The skill is designed to ingest and process market intelligence from untrusted external sources.
- Ingestion points: Step 2 (Data Collection) in SKILL.md involves gathering intelligence from multiple external sources.
- Boundary markers: The skill requires citations with 'START/END' tags, which provide rudimentary but insufficient delimitation.
- Capability inventory: The workflow integrates several local CLI tools (screener_cli.py, moving_averages_cli.py, etc.) to process the collected data.
- Sanitization: No explicit sanitization, instruction-filtering, or safety-specific validation of the ingested external content is defined.
Audit Metadata