us-market-bubble-detector
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE
Full Analysis
- [Prompt Injection] (SAFE): No instructions were found that attempt to override agent constraints, extract system prompts, or bypass safety guidelines. The content is strictly focused on financial analysis logic.
- [Data Exposure & Exfiltration] (SAFE): No hardcoded credentials or access to sensitive local file paths (e.g., SSH keys, env files) were detected. Network references are limited to public data sources such as Google Trends, CBOE, and FINRA.
- [Unverifiable Dependencies] (SAFE): The reference files include code examples that utilize common Python packages (
pytrends,yfinance) for data retrieval. These are standard libraries in the financial domain and do not represent a security risk as presented. - [Command Execution] (SAFE): No evidence of arbitrary command execution, shell spawning, or dangerous subprocess calls was found. The Python snippets are limited to mathematical calculations and API data fetching.
- [Obfuscation] (SAFE): All files were examined for Base64 encoding, zero-width characters, and homoglyphs. No obfuscated or hidden content was identified.
- [Indirect Prompt Injection] (SAFE): While the skill processes external market data, it lacks high-privilege capabilities (such as file system writes or command execution) that could be exploited via poisoned data inputs.
Audit Metadata