stock-prices
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTIONNO_CODE
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill documentation guides the user to fetch data from an external, non-trusted URL (https://stock-prices.on99.app).
- DATA_EXFILTRATION (LOW): Examples demonstrate network operations to a non-whitelisted domain (on99.app). While no sensitive data is exfiltrated in the examples, external connectivity to untrusted endpoints is encouraged.
- Indirect Prompt Injection (LOW): The skill processes untrusted data from an external API, which could be used to influence the agent if the API returns malicious content.
- Ingestion points: Stock quote endpoint in SKILL.md.
- Boundary markers: Absent in provided examples.
- Capability inventory: No executable scripts are included in the skill.
- Sanitization: No sanitization or validation logic is demonstrated in the provided code snippets.
Audit Metadata