market-analyst-master

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: CRITICAL
REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • Unverifiable Dependencies & Remote Code Execution (CRITICAL): The file references/mcp-setup.md instructs users to install Homebrew by piping a remote script directly to bash (curl -fsSL ... | bash). This practice allows for the execution of unverified code with the user's shell privileges and is a high-risk remote code execution vector.
  • Unverifiable Dependencies & Remote Code Execution (HIGH): The skill relies on npx -y octagon-mcp for its core functionality, which downloads and executes code from the untrusted 'OctagonAI' organization at runtime without version pinning or integrity checks (File: README.md, references/mcp-setup.md).
  • Indirect Prompt Injection (MEDIUM): The skill is designed to ingest and process data from external financial websites and research sources via the octagon-scraper-agent and octagon-deep-research-agent (File: references/mcp-setup.md).
      • Ingestion points: External web scrapers and research aggregators.
      • Boundary markers: Absent; there are no instructions for the agent to use delimiters or to ignore embedded instructions in the fetched data.
      • Capability inventory: Data retrieval and report generation. While primarily informational, poisoned reports can influence downstream financial decisions.
      • Sanitization: None; the skill does not define any validation or filtering logic for the content it retrieves.
  • Command Execution (LOW): The setup instructions (File: README.md) involve setting environment variables containing sensitive API keys directly in the command line (env OCTAGON_API_KEY=<your-api-key>), which can leak secrets to system process trees or shell history files.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: CRITICAL
Analyzed: Feb 16, 2026, 05:46 AM