trading-signals
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill architecture is susceptible to indirect prompt injection due to the processing of untrusted external content.
  - Ingestion points: Data enters the system from financial APIs (yfinance, CCXT, Alpaca) and news sentiment narratives as specified in `SKILL.md` and `reference/chinese-llm-stack.md`.
  - Boundary markers: Analysis of the prompt templates in `reference/swarm-consensus.md` and `reference/chinese-llm-stack.md` reveals a lack of explicit delimiters or instructions to ignore embedded commands within the input context.
  - Capability inventory: The skill facilitates high-impact operations by generating BUY/SELL/HOLD signals which could be influenced by malicious instructions embedded in market data.
  - Sanitization: There is no evidence of input validation or sanitization routines for external content before it is processed by the model stack.
- [EXTERNAL_DOWNLOADS]: The skill documentation and reference files identify several external library dependencies and service integrations.
  - Mentions installation and use of standard packages including `langchain`, `langgraph`, `openai`, `anthropic`, and `hmmlearn` from public registries.
  - Integrates with established financial data providers including yfinance, CCXT, and the Alpaca API.
Audit Metadata