crypto-report
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and metadata do not contain any malicious patterns, obfuscation, or unauthorized command execution.
- [INDIRECT_PROMPT_INJECTION]: Analysis of the data ingestion surface shows that the skill processes untrusted user-provided data (e.g., project descriptions, news) to populate research reports.
- Ingestion points: User-supplied project names, blockchain metrics, and news context in SKILL.md.
- Boundary markers: The report templates do not utilize specific delimiters to isolate external text.
- Capability inventory: Limited to create_docx, create_xlsx, and create_chart from the office-mcp server; no access to system shells or network operations.
- Sanitization: There is no evidence of sanitization for project-specific text before it is inserted into the final report document.
Audit Metadata