a-stock-investment
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from the web.
- Ingestion points: The
scripts/search-stock.mjsscript fetches external content (titles, snippets, and AI-generated answers) from the Tavily search API based on user queries. - Boundary markers: No delimiters or specific instructions are provided to the agent to treat the fetched web content as untrusted or to ignore instructions embedded within the search results.
- Capability inventory: The skill executes a local Node.js script and provides the resulting network data to the agent's context.
- Sanitization: There is no evidence of sanitization, filtering, or validation of the content returned by the search API before it is processed by the agent.
Audit Metadata