Skills
skills/tradeinsight-info/investment-analysis-skills/risk-assessment/Gen Agent Trust Hub

risk-assessment

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is subject to indirect prompt injection risks because it retrieves and processes untrusted text from external web searches and SEC documents.
  • Ingestion points: The skill fetches risk factor disclosures from SEC Item 1A and news/short-seller reports via WebSearch (SKILL.md, Steps 1 and 3).
  • Boundary markers: There are no instructions or delimiters provided to separate external content from the agent's core instructions.
  • Capability inventory: The skill's functions are restricted to data retrieval and analytical reporting; it lacks dangerous capabilities like shell command execution, file system modification, or secret exfiltration.
  • Sanitization: No logic is present to filter or validate retrieved content for potential instructions hidden in the data.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 08:21 AM