batch-market-cap
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION)
Full Analysis
- EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs users to run 'npx -y octagon-mcp', which downloads code from the npm registry. The author 'OctagonAI' and the package 'octagon-mcp' are not associated with any trusted organizations provided in the security guidelines.
- REMOTE_CODE_EXECUTION (MEDIUM): In 'references/mcp-setup.md', the instructions for Mac users include a command to install Homebrew using 'curl -fsSL [URL] | bash'. This piped remote execution pattern is a high-risk operation from a non-whitelisted source. While this is a standard setup step for the tool's environment, it constitutes a significant execution surface. The use of 'npx' also involves dynamic execution of remotely fetched code.
- COMMAND_EXECUTION (MEDIUM): The configuration steps require users to execute shell commands that set environment variables and spawn persistent MCP server processes ('npx -y octagon-mcp').
- DATA_EXFILTRATION (SAFE): The skill handles an API key ('OCTAGON_API_KEY') using environment variables and placeholders ('YOUR_API_KEY_HERE'), which follows best practices for user-provided credentials and avoids hardcoding secrets.
- PROMPT_INJECTION (LOW): An indirect prompt injection surface is present. Evidence Chain:
  1. Ingestion points: Ticker symbols provided by the user in natural language queries (SKILL.md).
  2. Boundary markers: Absent.
  3. Capability inventory: 'octagon-agent' tool (capable of web search and data retrieval).
  4. Sanitization: None documented.