analysis
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes a local script located at
<bundle-root>/analysis/run.pyusingpython3via theBashtool to perform deep financial analysis. This script is part of the skill bundle and uses a local support library for processing market and account parameters. - [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the ingestion of external data provided via the
--headlineand--headline-filearguments. - Ingestion points: External data enters the agent's context through user-provided news headlines and specific file paths provided as arguments to the execution command.
- Boundary markers: The skill's instructions explicitly mandate that any user-supplied headlines or assumptions must be labeled as such and accompanied by a disclaimer that they are not independently verified.
- Capability inventory: The skill is granted access to
Bash,Read,Glob, andGrep, enabling it to execute local code and read files within the environment. - Sanitization: Security relies on descriptive instructions and the agent's enforcement of provenance rules rather than automated sanitization of the input text.
Audit Metadata