market-news-analyst
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
PROMPT_INJECTION, NO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes untrusted data from the internet via `WebSearch` and `WebFetch` tools.
  - Ingestion points: The analysis workflow in `SKILL.md` (Step 1) relies on fetching news articles and reports from various external websites.
  - Boundary markers: The instructions do not define boundary markers (such as XML tags or clear delimiters) to isolate fetched content from the agent's operational instructions.
  - Capability inventory: The agent uses `WebSearch` and `WebFetch` for data gathering and produces markdown reports. No high-privilege capabilities like code execution or file-system writing were found.
  - Sanitization: There is no mention of sanitizing or validating the content retrieved from external sources before it is processed by the agent.
- [NO_CODE]: This skill consists entirely of markdown instruction and reference files. It does not contain any executable scripts (Python, Node.js), binary files, or external package dependencies, which reduces the risk of direct code execution attacks.
Audit Metadata