stock-historical-index
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Findings: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [REMOTE_CODE_EXECUTION] (CRITICAL): Detected piped remote script execution in 'references/mcp-setup.md'. The command '/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"' downloads and executes a remote script directly in the shell, which is a high-risk security pattern.
- [EXTERNAL_DOWNLOADS] (HIGH): The skill instructs users to run 'npx -y octagon-mcp' and 'npx skills add OctagonAI/skills'. These commands download and execute code from external sources (npm and GitHub) without integrity checks or version pinning, posing a supply-chain risk.
- [COMMAND_EXECUTION] (MEDIUM): Setup instructions for various agents require executing commands that involve setting sensitive environment variables ('OCTAGON_API_KEY') in the shell. This can lead to credential exposure via process listings or shell history files.
- [PROMPT_INJECTION] (LOW): The skill utilizes the 'octagon-agent' tool which takes a natural language prompt as an argument. This establishes an attack surface for indirect prompt injection if untrusted data is interpolated into the tool arguments. Evidence: Ingestion point in 'SKILL.md' (toolName: 'octagon-agent'); Boundary markers are absent; Capability inventory includes network-connected financial data retrieval; Sanitization is absent.
Recommendations
- AI detected serious security threats
Audit Metadata