generate-stock-reports
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill files (SKILL.md, README.md, and EXAMPLES.md) describe a legitimate workflow for financial research. The instructions guide the agent to use the WebSearch tool for information gathering and the Write tool to save reports locally, which is consistent with the skill's stated purpose.
- [PROMPT_INJECTION]: The skill processes untrusted web data, creating a surface for indirect prompt injection. (1) Ingestion points: Web content is ingested through the WebSearch tool as described in SKILL.md. (2) Boundary markers: The instructions lack specific delimiters to isolate external content from the agent's core logic. (3) Capability inventory: The skill has access to WebSearch and the ability to Write files locally (SKILL.md). (4) Sanitization: There are no explicit instructions for sanitizing or filtering the content retrieved from the web. This risk is inherent to research skills and is considered safe in the context of this tool's primary function.
Audit Metadata