market-brief

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes a local Python script using Bash(python3 *) via a wrapper script run.py. The script dynamically adjusts sys.path to load internal modules from a sibling directory named _src.
  • [PROMPT_INJECTION]: Potential surface for indirect prompt injection exists when processing external data sources.
      • Ingestion points: The skill accepts a --csv PATH argument in run.py to load data from the local file system into the analysis workflow.
      • Boundary markers: The skill documentation does not specify the use of delimiters or instructions to ignore embedded commands within the ingested CSV data.
      • Capability inventory: The skill has access to file system tools (Read, Glob) and shell execution capabilities (Bash) which could be targeted by malicious input.
      • Sanitization: No explicit sanitization or validation of the CSV content is performed before processing.
  • [DATA_EXFILTRATION]: Provides a --notify flag for outbound communication. This feature is intended for sending notifications to Feishu, which is recognized as a well-known enterprise communication service.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 20, 2026, 06:02 AM