report-writer-agent
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION] (LOW): The skill performs network operations to the Telegram API to distribute reports. Although this is the intended functionality, it involves transmitting internal trading data to an external third-party service. The use of environment variables for the chat ID is a positive security practice.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface.
- Ingestion points: Data is ingested from the 'trading_signals', 'shadow_trades', and 'proposals' database tables.
- Boundary markers: The skill lacks explicit delimiters or instructions to ignore embedded prompts within the database records during report generation.
- Capability inventory: The skill has network communication capabilities via the Telegram Commander Bot.
- Sanitization: There is no evidence of sanitization or escaping of the database content before it is rendered into the markdown report.
Audit Metadata