Skills
skills/ruvnet/ruflo/trader-signal/Gen Agent Trust Hub

trader-signal

Warn

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill installs the neural-trader package from the NPM registry at runtime if it is not found locally. This package is an unverified third-party dependency that is not associated with the skill author or a known trusted vendor.
  • [COMMAND_EXECUTION]: The skill uses npx to execute the neural-trader engine. Executing unversioned third-party software at runtime allows for the execution of arbitrary code that may change or be compromised between sessions.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8):
  • Ingestion points: Untrusted data enters the agent context via user-supplied trading symbols (), strategy names, and the text output generated by the neural-trader scan command.
  • Boundary markers: No delimiters or "ignore embedded instructions" markers are present to prevent the agent from being influenced by instructions hidden within the ingested data.
  • Capability inventory: The skill allows access to Bash for shell command execution and mcp__claude-flow__memory_store for data persistence, which could be exploited if malicious instructions are processed.
  • Sanitization: Input tickers and tool outputs are used directly in subsequent logical steps, such as neural_predict and memory_store, without any validation or filtering.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 7, 2026, 03:18 PM