fireant-stock
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (SAFE): The script executes the
openclawutility viasubprocess.runto perform browser automation. Arguments are passed as a list, and user-provided symbols are upper-cased, minimizing the risk of shell injection. - [PROMPT_INJECTION] (LOW): The skill has a surface for indirect prompt injection (Category 8) as it ingests data from external websites.
- Ingestion points: Web content from Google and FireAnt.vn is read via browser snapshots in
scripts/check_stock.py. - Boundary markers: None are present to distinguish between retrieved data and instructions in the agent response.
- Capability inventory: The skill uses
subprocess.runfor browser automation including navigation and typing. - Sanitization: Regular expressions are used for data extraction, providing minimal protection against adversarial content embedded in the source pages.
Audit Metadata