markets
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill does not contain any instructions that attempt to bypass safety filters, override system prompts, or extract internal instructions. The language used is strictly instructional and descriptive of its primary purpose.
- [DATA_EXFILTRATION]: No evidence was found of unauthorized data collection or exfiltration. The skill interacts with public sports and market APIs (ESPN, Kalshi, Polymarket), which are recognized as well-known and legitimate services for this context.
- [EXTERNAL_DOWNLOADS]: The skill refers to a standard Python package structure (
sports_skills). It does not perform any unverified remote code downloads or execute scripts from unknown external sources. - [COMMAND_EXECUTION]: The provided commands are restricted to the skill's own CLI functionality for data retrieval and mathematical normalization. There are no patterns suggesting shell injection, privilege escalation, or arbitrary code execution.
- [CREDENTIALS_UNSAFE]: No hardcoded API keys, tokens, or other secrets were found in the file. Placeholders and examples use generic identifiers.
Audit Metadata