earnings-call-analysis
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- REMOTE_CODE_EXECUTION (MEDIUM): The setup guide in references/mcp-setup.md instructs users to install Homebrew by piping a remote script directly into bash (curl -fsSL ... | bash). This is a high-risk pattern for executing remote code without verification.
- EXTERNAL_DOWNLOADS (MEDIUM): The installation instructions for the required Octagon MCP server use npx -y octagon-mcp@latest. This method downloads and executes code from the npm registry at runtime without integrity checks.
- PROMPT_INJECTION (LOW): The skill processes external financial transcripts, creating a surface for indirect prompt injection.
  - Ingestion points: Earnings call transcripts are ingested via the octagon-mcp tool call defined in SKILL.md.
  - Boundary markers: No specific delimiters or instructions are provided to the agent to treat transcript content as untrusted data.
  - Capability inventory: The skill utilizes the octagon-mcp tool for retrieval and analysis.
  - Sanitization: No evidence of input filtering or sanitization of the transcript text is present.
- CREDENTIALS_UNSAFE (SAFE): The skill requires an OCTAGON_API_KEY, but the documentation properly uses placeholders (YOUR_API_KEY_HERE) rather than hardcoding sensitive secrets.
Audit Metadata