earnings-conf-call-sentiment
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (HIGH): The setup instructions in `references/mcp-setup.md` recommend executing a remote script directly via shell: `/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"`. This 'curl-pipe-bash' pattern is a significant security risk if the remote source is compromised.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill uses `npx -y octagon-mcp` and `npx skills add OctagonAI/skills` to download and execute code at runtime. These sources (OctagonAI) are not within the explicitly trusted organization list defined in the security scope.
- [INDIRECT_PROMPT_INJECTION] (MEDIUM): In `SKILL.md`, the workflow ingests external data (earnings call transcripts) to perform sentiment analysis.
  - Ingestion points: `SKILL.md` (Step 1: 'Analyze the overall sentiment... during 's latest earnings conference call.').
  - Boundary markers: Absent; the ticker content is interpolated directly into the analysis prompt.
  - Capability inventory: The skill uses an external MCP server (`octagon-mcp`) which performs the actual data retrieval and analysis.
  - Sanitization: Absent; there is no logic provided to sanitize or filter potential instructions embedded within the transcripts.
- [CREDENTIALS_UNSAFE] (LOW): Both `README.md` and `references/mcp-setup.md` require the user to hardcode an `OCTAGON_API_KEY` into environment variables or configuration files. While standard for many tools, it increases the risk of accidental exposure in logs or shared environments.
Recommendations
- AI detected serious security threats
Audit Metadata