market-research
Pass
Audited by Gen Agent Trust Hub on Mar 25, 2026
Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a Python-based research tool (run_research.py) to process financial data and industry analysis.
- [DATA_EXFILTRATION]: The command instructions in SKILL.md use a hardcoded absolute path (/Users/kikuchihiroyuki/stock-skills/), which exposes the local system's username and directory structure to the AI agent and within execution logs.
- [PROMPT_INJECTION]: The skill retrieves and processes data from external sources including web search and social media (X) via the Grok API, which presents a surface for indirect prompt injection.
  * Ingestion points: External content fetched via Grok API and passed to the agent for analysis.
  * Boundary markers: No explicit delimiters or instructions to disregard embedded commands in retrieved content were found.
  * Capability inventory: The agent has access to local command execution via the Bash tool.
  * Sanitization: No explicit output sanitization or filtering logic is visible in the provided code snippets.
Audit Metadata