sector-analyst
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- Prompt Injection (SAFE): The instructions are strictly focused on financial analysis and do not contain patterns typical of prompt injection, such as overrides or safety bypasses.
- Data Exposure & Exfiltration (SAFE): The skill does not access sensitive local files or perform any network operations. It only reads its own internal reference files.
- Obfuscation (SAFE): No encoded strings, hidden characters, or homoglyphs were detected in the skill's instructions or metadata.
- Remote Code Execution (SAFE): The skill does not include any commands to download external scripts, install packages, or execute dynamic code.
- Persistence and Privilege Escalation (SAFE): There are no commands that modify system configurations, shell profiles, or attempt to gain elevated permissions.
- Indirect Prompt Injection (LOW): The skill ingests user-provided images for analysis. While images can theoretically be used for injection, the skill possesses no high-risk capabilities (like network or system access) to exploit, making the risk negligible.
Audit Metadata