quick-stats
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its input parameters.\n
- Ingestion points: The symbol ($0), exchange ($1), and interval ($2) arguments are interpolated directly into the prompt for the AI to generate code.\n
- Boundary markers: The skill does not use delimiters or specific safety instructions to ensure the agent ignores potentially malicious strings within these variables.\n
- Capability inventory: The agent has access to tools like Bash and Read and is tasked with generating executable code blocks.\n
- Sanitization: No input validation or escaping is applied to the user arguments before they are processed.
Audit Metadata