decision-support

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is configured to execute a local entry script (run.py) using the Bash tool. This is a powerful capability that allows the agent to run arbitrary Python logic within the local environment.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to its data ingestion model.
      • Ingestion points: The skill allows loading external market or account data via the --csv argument, which accepts arbitrary local file paths.
      • Boundary markers: The skill instructions do not specify any boundary markers or instructions to the agent to disregard commands or formatting embedded within the ingested data.
      • Capability inventory: The skill has access to the Bash, Read, and Glob tools, which could be misused if an attacker successfully injects instructions into the data files processed by the agent.
      • Sanitization: There is no evidence of content validation or sanitization for the data ingested from external CSV files.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 06:02 AM