stock-grades
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION)
Full Analysis
- EXTERNAL_DOWNLOADS (HIGH): The file 'references/mcp-setup.md' contains a command to install Homebrew using 'curl -fsSL ... | bash'. This is a piped remote execution pattern that executes code directly from the internet without prior verification.
- REMOTE_CODE_EXECUTION (MEDIUM): The skill's setup instructions utilize 'npx -y octagon-mcp', which downloads and executes code from the npm registry at runtime. The organization 'OctagonAI' is not listed among the predefined trusted providers.
- CREDENTIALS_UNSAFE (LOW): The skill requires an 'OCTAGON_API_KEY' for operation. While no secrets are hardcoded in the skill files, the instructions guide users to store sensitive API keys in environment variables or configuration files, creating a standard credential risk surface.
- PROMPT_INJECTION (LOW): A Category 8 (Indirect Prompt Injection) surface exists because the skill processes financial data from external analysts via the 'octagon-agent'. Evidence: (1) Ingestion point: 'SKILL.md' indicates data is sourced from external financial institutions. (2) Boundary markers: No delimiters or protective instructions are used when interpolating this data. (3) Capability: The toolset includes scraping and research agents. (4) Sanitization: No sanitization of ingested content is documented.
Recommendations
- AI detected serious security threats