agent-trading-predictor
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DYNAMIC_EXECUTION]: The skill uses the vendor-owned mcp__flow-nexus__sandbox_execute tool to dynamically generate and run Python scripts for trading operations. This behavior is consistent with the primary purpose of the agent.
- [INDIRECT_PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through external data sources.
  - Ingestion points: market_data variables and marketSignalVector signals processed in SKILL.md.
  - Boundary markers: There are no boundary markers or explicit instructions to ignore embedded commands within the processed data.
  - Capability inventory: The agent has the capability to execute arbitrary Python code in a sandbox using tools like mcp__flow-nexus__sandbox_execute.
  - Sanitization: The skill does not implement validation or sanitization for the external data it ingests.