log-reader
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes MT5 log files which contain output generated by external indicators and scripts. \n
- Ingestion points: MetaTrader 5 log files ($MQL5_ROOT/Program Files/MetaTrader 5/MQL5/Logs/YYYYMMDD.log) processed via Read and Grep tools.\n
- Boundary markers: Absent; the instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded within the logs.\n
- Capability inventory: The skill uses Read, Grep, and Bash tools, allowing for file system access and shell command execution.\n
- Sanitization: Absent; the skill parses raw log lines without escaping or content validation.\n- [DATA_EXFILTRATION]: The skill accesses MT5 log files which, as noted in the 'Security Considerations' section, may contain sensitive trading data such as account information and symbol names. This is the intended primary purpose of the skill, and it includes appropriate warnings to the user to filter this information when reporting results.
Audit Metadata