primary-logic
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill connects to a remote MCP server at 'https://primarylogic--pulse-backend-external-api-app.modal.run/mcp' to retrieve investment context. This endpoint is owned and operated by the skill's author, Primary Logic.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources.
- Ingestion points: Tools such as 'search_content', 'get_content', and 'get_ticker_content' retrieve data from monitored channels including X/Twitter, news articles, and earnings calls.
- Boundary markers: None detected. There are no explicit instructions for the agent to treat external content as data only or to use specific delimiters.
- Capability inventory: The skill's capabilities are restricted to data retrieval and metadata inspection tools; it does not have the ability to execute system commands, write to the file system, or perform unauthorized network operations.
- Sanitization: No sanitization or filtering logic for external content is defined within the skill instructions.
Audit Metadata