technical-scan
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Potential for indirect prompt injection exists due to the processing of untrusted external data.
- Ingestion points: The skill ingests stock symbols as arguments and processes external market data artifacts and local datasets via the Read, Glob, and Grep tools.
- Boundary markers: Absent. The instructions do not define specific delimiters or warnings to prevent the agent from obeying instructions that might be embedded within the market data.
- Capability inventory: The skill has access to Bash (executing python3), Read, Glob, and Grep, allowing it to perform file operations and code execution based on processed data.
- Sanitization: No explicit sanitization, validation, or escaping logic is present for the symbol input or the data retrieved from external artifacts.
- [COMMAND_EXECUTION]: The skill is configured to use the Bash tool to execute Python scripts (python3). While this is a standard capability for data analysis skills, it grants the agent the ability to execute arbitrary code on the local system to process technical indicators.
Audit Metadata