trading-strategist
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill is susceptible to indirect prompt injection through its ingestion of external market sentiment data. \n- Ingestion points: Untrusted data is retrieved from crypto RSS news feeds and processed via an external 'market-sentiment' skill referenced in
SKILL.md. \n- Boundary markers: The skill fails to provide markers or instructions to isolate the external content from its internal reasoning or decision-making logic. \n- Capability inventory: The agent generates high-impact financial recommendations, including Buy/Sell/Hold signals, entry/exit points, and stop-loss levels. \n- Sanitization: No sanitization or verification of the external sentiment content is implemented before it influences the generated trading strategies.
Recommendations
- AI detected serious security threats
Audit Metadata