stock-price-change

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM (EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of the 'octagon-mcp' server via 'npx' (README.md, mcp-setup.md). OctagonAI is not a trusted source according to the security framework, making this an unverifiable external download.
  • REMOTE_CODE_EXECUTION (MEDIUM): The setup documentation in 'references/mcp-setup.md' suggests installing Homebrew on macOS by piping a 'curl' download directly into 'bash'. This pattern allows for unverified remote code execution.
  • CREDENTIALS_UNSAFE (LOW): The skill relies on an 'OCTAGON_API_KEY' stored in the agent's environment variables. While placeholders are used, the architecture encourages storing sensitive credentials in plain-text configuration files.
  • PROMPT_INJECTION (LOW): The skill has an indirect prompt injection surface as it ingests untrusted data from external financial APIs via the 'octagon-agent' tool. Evidence: 1. Ingestion Point: tool output in SKILL.md; 2. Boundary Markers: Absent; 3. Capability Inventory: Information retrieval (SEC filings, earnings); 4. Sanitization: Absent.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 16, 2026, 03:57 AM