us-stock-analysis
Pass
Audited by Gen Agent Trust Hub on Apr 6, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its reliance on external web data for analysis and report generation.
- Ingestion points: The skill fetches current market data, news, and analyst ratings from external websites as specified in
SKILL.md. - Boundary markers: The instructions do not provide delimiters or specific warnings to the agent to ignore instructions that might be embedded in the fetched web content.
- Capability inventory: The agent uses the ingested data to formulate investment recommendations and structured reports, which could be influenced by malicious content on analyzed pages.
- Sanitization: There is no mention of sanitizing or validating the text retrieved from external sources before it is processed by the agent.
- [NO_CODE]: The skill consists exclusively of Markdown files and documentation. No executable scripts, binaries, or configuration files that execute code were found in the skill package.
Audit Metadata