prediction-market-agents
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill describes an architecture for agents that ingest and analyze untrusted data from external sources (news, social media) to make automated trading decisions. This setup is vulnerable to indirect prompt injection if the ingested data contains instructions designed to manipulate the agent's behavior.
- Ingestion points: Data is gathered from Twitter/X, Reddit, Telegram, and general news feeds (SKILL.md).
- Boundary markers: The framework does not specify the use of delimiters or instructions for the agent to ignore embedded commands within processed content.
- Capability inventory: The described agent has the capability to execute financial trades, manage positions, and interact with platform APIs such as Polymarket and Kalshi (SKILL.md, deep-reference.md).
- Sanitization: No sanitization, filtering, or validation mechanisms are described for the external data before it is processed by the LLM.
- [NO_CODE]: The skill consists primarily of markdown documentation and a container file. It does not include executable scripts, automation code, or configuration files that perform actions directly.
Audit Metadata