earnings-analyst-questions

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (CRITICAL): The 'references/mcp-setup.md' file instructs users to install Homebrew using the command 'curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh | /bin/bash'. This is a piped remote execution pattern targeting a source not listed in the trusted scope, which is a critical security vulnerability.
  • REMOTE_CODE_EXECUTION (HIGH): The skill setup and installation rely on 'npx' to download and run packages ('skills' and 'octagon-mcp') from 'OctagonAI'. As this organization is not a verified trusted source, this allows for the execution of unvetted third-party code.
  • PROMPT_INJECTION (MEDIUM): In 'SKILL.md', the agent is instructed to analyze external earnings call transcripts. There are no boundary markers or delimiters (e.g., XML tags) and no specific instructions to ignore embedded commands, creating a surface for indirect prompt injection if a transcript contains malicious instructions.
  • COMMAND_EXECUTION (MEDIUM): The configuration process requires users to set sensitive API keys within shell commands ('env OCTAGON_API_KEY='), which can result in credentials being stored in plaintext within shell history files.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: CRITICAL
  • Analyzed: Feb 16, 2026, 06:08 AM