Bankr Dev - Market Research
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- PROMPT_INJECTION (LOW): The skill creates a surface for indirect prompt injection by defining operations that ingest data from external, attacker-controlled sources (sentiment and social mentions). \n
- Ingestion points: Operation templates such as 'What's the sentiment on {token}?' and 'Check social mentions for {token}' fetch data from the open web.\n
- Boundary markers: The skill lacks delimiters or specific instructions to the agent to disregard embedded commands within the retrieved market data or sentiment strings.\n
- Capability inventory: The skill is primarily focused on data retrieval and analysis (prices, charts, and market metrics).\n
- Sanitization: No sanitization or filtering logic is specified for the external content before it is processed by the agent.\n- NO_CODE (SAFE): The provided file (SKILL.md) is purely informational, containing markdown documentation and natural language prompt patterns without any executable scripts, binaries, or active code logic.
Audit Metadata