quant-analyst
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill is designed to ingest and process external market data and strategy files using powerful execution tools, creating an attack surface for indirect prompt injection.
- Ingestion points: Uses Read, Glob, and Grep to process 'market data' and 'existing strategies'.
- Boundary markers: No delimiters or specific instructions to ignore embedded commands are present.
- Capability inventory: The skill has access to Bash, python, and Write tools.
- Sanitization: There is no mention of sanitizing or validating external input before processing.
Audit Metadata