price-target-summary
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: CRITICAL
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): The setup guide in 'references/mcp-setup.md' instructs users to install Homebrew using a piped shell script: curl -fsSL ... | bash. This pattern is highly susceptible to man-in-the-middle attacks or source compromise. Since 'Homebrew' is not a defined trusted organization, this is classified as CRITICAL.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill requires installation of the octagon-mcp package via npx -y, which downloads and executes code from the npm registry authored by an unverified third party ('OctagonAI').
- [PROMPT_INJECTION] (MEDIUM): The skill processes data from external financial sources such as StreetInsider, TheFly, and Benzinga. This represents an indirect prompt injection surface (Category 8) where malicious content in external reports could influence agent reasoning.
  - Ingestion points: Data returned by the octagon-agent tool as described in SKILL.md and references/interpreting-results.md.
  - Boundary markers: None present in the instructions to delimit external content.
  - Capability inventory: Uses the octagon-agent tool for market intelligence; impacts agent interpretation and potential downstream decisions.
  - Sanitization: No evidence of sanitization or filtering of external content before it enters the context.
Recommendations
- AI detected serious security threats
Audit Metadata