Skills
skills/natsufox/a-stockit/watchlist/Gen Agent Trust Hub

watchlist

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is configured with the Bash(python3 *) and Glob tools, enabling the execution of arbitrary Python scripts and file system exploration.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of external watchlist data.
  • Ingestion points: External data is ingested from watchlist-import and user-provided symbol lists.
  • Boundary markers: The instructions do not define clear boundaries or 'ignore' directives for processed data.
  • Capability inventory: The skill combines data ingestion with powerful capabilities like Bash and file access (Read/Glob).
  • Sanitization: While symbol validation is mentioned, there is no evidence of filtering for malicious instructions in the input.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 20, 2026, 06:02 AM