earnings-calendar
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): (Category 8) The template in
assets/earnings_report_template.mdis designed to ingest data from an external source (FMP API) and interpolate it into placeholders like[COMPANY_NAME]. This establishes a potential vector for indirect prompt injection if the API provides malicious content. - Ingestion points: Placeholders in
assets/earnings_report_template.mdsuch as[TICKER],[COMPANY_NAME], and[EPS_EST]. - Boundary markers: Absent; the template does not use delimiters or instructions to prevent the agent from interpreting data as commands.
- Capability inventory: None; the file contains no code, scripts, or subprocess capabilities.
- Sanitization: No sanitization or escaping mechanisms are present in the template.
- [NO_CODE] (SAFE): Analysis of the file content confirms it is a purely descriptive Markdown document without any embedded scripts, shell commands, or obfuscated payloads.
Audit Metadata