gate-info-coinanalysis
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) because it processes content from external sources. \n- Ingestion points: The tools news_feed_search_news and news_feed_get_social_sentiment (defined in SKILL.md) fetch data from the internet which is then processed by the LLM. \n- Boundary markers: The skill lacks explicit boundary markers or instructions to ignore commands within the fetched data inside its report template. \n- Capability inventory: Across all files (README.md, SKILL.md), the skill is limited to read-only data aggregation and display; no file-write, system command execution, or network-send capabilities are present. \n- Sanitization: There is no evidence of sanitization or filtering for the data retrieved from news or social feeds.
Audit Metadata