crypto-report
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted external data which presents a surface for indirect prompt injection.
- Ingestion points: Processes project documentation, news articles, and market metrics provided in user prompts or external context (SKILL.md).
- Boundary markers: None detected; the skill does not explicitly instruct the agent to ignore commands embedded within the data being analyzed.
- Capability inventory: Utilizes
office-mcptools (create_docx,create_xlsx,create_chart) which perform file-system write operations to generate reports. - Sanitization: No evidence of sanitization or validation of input data before it is interpolated into the final report structure.
- [EXTERNAL_DOWNLOADS]: The skill references an external Model Context Protocol (MCP) server
office-mcpto perform document and chart creation tasks. These tools are consistent with the skill's stated purpose of generating research reports.
Audit Metadata