earnings-capital-allocation
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
- REMOTE_CODE_EXECUTION (HIGH): The skill setup instructions in README.md and references/mcp-setup.md guide users to execute code directly from the internet using 'npx -y octagon-mcp' and 'npx skills add ...'. This allows for the execution of arbitrary code from the npm registry without prior inspection.
- EXTERNAL_DOWNLOADS (HIGH): Setup instructions for macOS include a high-risk 'curl | bash' pattern to install Homebrew ('/bin/bash -c "$(curl -fsSL ...)"'), which could be exploited if the source or connection is compromised.
- COMMAND_EXECUTION (MEDIUM): The configuration commands for various IDEs involve executing shell commands with environment variables (e.g., 'env OCTAGON_API_KEY='). This can lead to credential leakage in process lists or shell history.
- PROMPT_INJECTION (LOW): The skill processes 'earnings transcripts' which are untrusted external data sources. There are no explicit boundary markers or instructions for the agent to ignore potential malicious prompts embedded within these transcripts (Indirect Prompt Injection).
- CREDENTIALS_UNSAFE (MEDIUM): The documentation encourages users to hardcode or pass API keys in plain text within terminal commands and configuration files.
Recommendations
- AI detected serious security threats
Audit Metadata