researchers-financial
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill uses
WebFetchandWebSearchto access various external financial domains (e.g., seekingalpha.com, bloomberg.com, reorg.com) that are not on the trusted whitelist. This is inherent to its research function but represents a point of contact with external, untrusted sources. - [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection (Category 8) because it processes untrusted data from the web and has the capability to write to the local filesystem. There are no defined boundary markers or sanitization procedures to prevent the agent from acting on malicious instructions hidden within fetched financial reports or websites. Evidence: Ingestion point (
WebFetchandWebSearchin SKILL.md), Capability inventory (Write,Edit,Grepin SKILL.md), Boundary markers (Absent), Sanitization (Absent).
Audit Metadata