stock-data
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes data from external, potentially untrusted sources.
- Ingestion points: Market data is ingested via the
--csvargument and from the outputs of themarket-dataandfundamental-contextskills (SKILL.md). - Boundary markers: The instructions lack specific delimiters or explicit 'ignore embedded instructions' warnings for the data processed by the agent.
- Capability inventory: The skill has access to Bash, Read, and Glob tools, allowing for command execution and filesystem access (SKILL.md).
- Sanitization: The skill documentation mentions validating JSON validity and data quality but does not provide mechanisms for sanitizing or filtering natural language instructions within the data streams.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute a local Python script (
run.py) for data synthesis and artifact generation. This is the intended functional behavior for the skill and is confined to the local bundle directory.
Audit Metadata