Skills
skills/psh355q-ui/szdi57465yt/quick-analyzer-agent/Gen Agent Trust Hub

quick-analyzer-agent

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMPROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill possesses a vulnerability surface for indirect prompt injection via external data ingestion.
  • Ingestion points: The skill ingests untrusted content from the NewsArticle database via the get_recent_news function and the db.query in gather_quick_data.
  • Boundary markers: There are no explicit boundary markers or instructions to ignore embedded commands within the news processing logic.
  • Capability inventory: The agent generates a structured JSON response containing reasoning, action, and risk_factors which are presented directly to the user/UI.
  • Sanitization: No sanitization or filtering of news headlines or content is performed before the agent processes them for sentiment or summary generation.
  • [Data Exposure] (LOW): The skill accesses local database models (NewsArticle) and external market data APIs (YahooClient). While these are standard for the stated purpose, they represent a data ingestion path from potentially untrusted external sources (news providers).
  • [Unverifiable Dependencies] (LOW): The skill references internal modules such as backend.ai.skills.base_agent and backend.data.yahoo_client. These appear to be part of a larger, trusted local architecture rather than remote/untrusted downloads.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 04:58 AM