crypto-market-rank
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface
- Ingestion points: The skill ingests untrusted data from the
Social Hype LeaderboardAPI via fields likesocialSummaryBriefandsocialSummaryDetailwhich aggregate content from social media platforms (SKILL.md). - Boundary markers: The instructions do not define specific delimiters or instructions to the agent to ignore embedded commands within the social summaries.
- Capability inventory: The skill's capabilities are limited to performing network requests to retrieve market data. It lacks dangerous capabilities such as file system access, shell execution, or sensitive credential access.
- Sanitization: No explicit sanitization or validation of the text summaries is mentioned in the skill definition.
Audit Metadata