earnings-competitive-review
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- Unverifiable Dependencies & Remote Code Execution (CRITICAL): The file `references/mcp-setup.md` instructs users to install Homebrew using the command `/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"`. This pattern allows for arbitrary remote code execution from a source not included in the trusted organization list.
- Unverifiable Dependencies & Remote Code Execution (HIGH): The skill requires the execution of `npx -y octagon-mcp` as documented in `README.md` and `references/mcp-setup.md`. This command downloads and runs code from an unverified third-party source (OctagonAI), posing a significant supply-chain security risk.
- Indirect Prompt Injection (MEDIUM): The workflow in `SKILL.md` is designed to ingest and process untrusted external data.
  - Ingestion points: Financial earnings transcripts retrieved via the Octagon MCP server.
  - Boundary markers: Absent. The prompt templates lack clear delimiters or instructions for the agent to ignore potentially malicious embedded content.
  - Capability inventory: The skill focuses on data analysis and summarization, which directly influences the agent's internal reasoning and subsequent outputs.
  - Sanitization: Absent. There is no evidence of validation or filtering of the external transcript content before processing.
Recommendations
- AI detected serious security threats