stock-quote
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Categories: REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Remote Code Execution (HIGH): The documentation in `references/mcp-setup.md` contains a command to install Homebrew using a piped shell script: `/bin/bash -c "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/HEAD/install.sh)"`. This is a high-risk pattern as it executes remote code directly in the shell.
- External Downloads (MEDIUM): The skill requires the installation of `octagon-mcp` via `npx -y octagon-mcp`. This downloads and executes code from an external, untrusted source (OctagonAI) not listed in the trusted organizations.
- Indirect Prompt Injection (LOW): The skill ingests and processes stock market data from external sources via the `octagon-agent` tool, creating a surface for indirect prompt injection.
  * Ingestion points: Data enters through the `octagon-agent` tool calls described in `SKILL.md`.
  * Boundary markers: Absent; no delimiters or ignore-instructions are specified for the tool output.
  * Capability inventory: The `octagon-agent` tool possesses broad research and scraping capabilities according to `references/mcp-setup.md`.
  * Sanitization: Absent; no mention of sanitizing or validating the retrieved financial data before presentation.
Recommendations
- AI detected serious security threats
Audit Metadata