macro-intelligence
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches market data, news headlines, and prediction market probabilities from several external services including FRED (Federal Reserve Economic Data), Finnhub, CoinGecko, Polymarket, 6551.io, and NewsNow.- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection within its LLM-driven classification and insight generation pipeline in
macro_news.py. - Ingestion points: Untrusted headlines from external aggregators (NewsNow, Finnhub, 6551.io) and messages from Telegram groups/channels.
- Boundary markers: Untrusted content is interpolated directly into prompts for
_llm_classifyand_generate_insightwithout the use of delimiters or 'ignore embedded instructions' warnings. - Capability inventory: The skill produces classification signals (direction, magnitude, affects) that are exposed via an HTTP API for use by downstream trading skills.
- Sanitization: The implementation uses basic length clipping to 400-500 characters but lacks structural validation or instruction-aware filtering of the input text.- [COMMAND_EXECUTION]: Initializes a local HTTP server on port 3252 using the standard Python
HTTPServermodule to serve a dark-theme monitoring dashboard and provide access to the signals API.- [DATA_EXFILTRATION]: Performs network operations to non-whitelisted domains includingai.6551.ioandnewsnow.busiyi.world. The skill also utilizes multiple authentication tokens and API keys sourced from environment variables to access external data feeds.
Audit Metadata