Skills
skills/blankpen/skills/gold-price/Gen Agent Trust Hub

gold-price

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs network requests to an external IP address (49.235.61.172) via web_fetch. This host is not on the trusted whitelist or recognized as a well-known service.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its ingestion of untrusted data.
  • Ingestion points: Data is fetched from http://49.235.61.172:3003/api/summary and /api/ai/snapshot (as specified in SKILL.md).
  • Boundary markers: No delimiters or instructions to ignore embedded commands are present in the processing logic.
  • Capability inventory: The skill utilizes web_fetch to interact with external web resources.
  • Sanitization: There is no evidence of sanitization or filtering of the natural language summaries returned by the API before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 07:52 AM