chairman-daily-brief
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFE PROMPT_INJECTION EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill processes news articles and social media sentiment from external sources which could contain malicious instructions designed to subvert agent behavior.
  - Ingestion points: `scripts/fetch_company_news.py` (fetches news items via QVeris API) and `scripts/fetch_market_data.py` (fetches market and quote data).
  - Boundary markers: The skill does not implement delimiters or 'ignore embedded instructions' warnings for external content processed by the scripts.
  - Capability inventory: The skill utilizes local file writing for configuration management within the skill directory via `scripts/chairman_daily.mjs`.
  - Sanitization: No sanitization or filtering logic for external textual content was identified in the processing pipeline.
- [EXTERNAL_DOWNLOADS]: The skill fetches financial data and market intelligence from the author's primary service at `https://qveris.ai` and uses the well-known service `https://hq.sinajs.cn` as a secondary quote source.
- [SAFE]: Insecure SSL configuration. The Python scripts `scripts/fetch_market_data.py` and `scripts/fetch_sina_quote.py` explicitly disable SSL certificate verification by setting `ssl.CERT_NONE`. This is a best practice violation that increases susceptibility to man-in-the-middle (MITM) attacks.
- [SAFE]: Documented persistence mechanism. The skill documentation provides instructions for setting up automated daily briefings using the `openclaw cron add` command. This uses an established scheduling mechanism to maintain periodic operation as intended for the skill's primary purpose.
Audit Metadata