us-govt-data
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill processes untrusted external data from SEC filings, which creates a surface for indirect prompt injection where an attacker could embed instructions in a public filing to manipulate the agent.
- Ingestion points: Filings are fetched from sec.gov in fetch_filing.py (line 117) and converted to text for agent consumption.
- Boundary markers: Absent. The script does not wrap extracted content in delimiters or include warnings for the agent to ignore embedded instructions.
- Capability inventory: Safe. The script only outputs data to stdout; it does not utilize subprocess, eval, or file-writing capabilities.
- Sanitization: The script uses MLStripper to remove HTML tags, but it does not perform semantic sanitization to detect or neutralize malicious instructions within the text.
- [Data Exposure & Exfiltration] (LOW): The script performs network operations using the 'requests' library targeting 'sec.gov' and 'data.sec.gov'. While these are official domains required for the skill's primary purpose, they are not on the predefined whitelist of trusted destinations. No sensitive local files are accessed or exfiltrated.
Audit Metadata