stock-analysis
Warn
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: MEDIUM
Tags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill utilizes npx ticker-cli across multiple documentation files. npx fetches and executes the package from the npm registry at runtime. Since the package is not from a trusted organization or repository defined in the security policy, its behavior cannot be statically verified.
- COMMAND_EXECUTION (MEDIUM): The reference guides provide examples of shell automation using loops and variable interpolation (e.g., npx ticker-cli quote $WATCHLIST). This pattern is susceptible to command injection if the input symbols are dynamically generated from untrusted sources without proper sanitization.
- PROMPT_INJECTION (LOW): The skill is vulnerable to Indirect Prompt Injection (Category 8). It retrieves and processes data from external sources such as Yahoo Finance news and insights.
  - Ingestion points: Tool output from ticker-cli news and ticker-cli insights in references/daily-report.md.
  - Boundary markers: Absent. There are no instructions to the agent to isolate or treat tool output as untrusted.
  - Capability inventory: Shell command execution via npx.
  - Sanitization: Absent. The data is processed as raw text for report generation.
Audit Metadata