recommendations

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (PROMPT_INJECTION, NO_CODE)
Full Analysis
  • Indirect Prompt Injection (LOW): The 'Extraction' mode is vulnerable to indirect prompt injection through the {raw_text} and {exclude_text} placeholders. An attacker could provide text that contains instructions to override the agent's behavior.
      • Ingestion points: The skill ingests untrusted data via the {raw_text} and {exclude_text} variables in SKILL.md.
      • Boundary markers: Absent. The skill lacks delimiters (e.g., XML tags or triple backticks) to separate instructions from untrusted data, making it easier for an LLM to confuse the two.
      • Capability inventory: Low. The skill definition itself only specifies text and JSON output and does not contain any file system, network, or subprocess execution code.
      • Sanitization: None. The raw input is interpolated directly into the prompt without escaping or validation.
  • No Code (INFO): The skill contains no executable scripts (Python, JavaScript, etc.) or binary files, which limits the risk to prompt-based attacks and logic manipulation.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 05:20 AM