us-stock-analyst
Warn
Audited by Gen Agent Trust Hub on Feb 13, 2026
Risk Level: MEDIUMPROMPT_INJECTIONNO_CODE
Full Analysis
- [Category 8: Indirect Prompt Injection] (MEDIUM): The skill is designed to ingest high-volume, untrusted data from multiple web sources for analysis by large language models.\n
- Ingestion points: Fetches content from Twitter, News, Search, and YouTube via the AIsa API platform as documented in
README.mdandSKILL.md.\n - Boundary markers: No explicit delimiters or system-level instructions for the LLM to ignore embedded commands were identified in the provided documentation or examples.\n
- Capability inventory: Synthesizes financial summaries, valuations, and performs local file writes for batch portfolio reporting (as seen in
batch_analysis.py).\n - Sanitization: No evidence of sanitization or filtering of external content before processing is present in the provided snippets.\n- [Category 7: Metadata Poisoning] (LOW): Documentation and release files contain multiple self-referential safety and compliance claims (e.g. in
TEST_REPORT.mdandUS_STOCK_CLAWHUB_RELEASE.md) which are ignored in favor of independent behavioral analysis.\n- [Category 4: Unverifiable Dependencies] (INFO): Uses standard, reputable Python libraries (httpx,asyncio).
Audit Metadata