trap-detector
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as its core logic involves analyzing external content from web searches (e.g., WeChat, TikTok, and financial forums).
- Ingestion points: Untrusted content retrieved via web search tools for stock recommendation patterns across multiple social media platforms as described in 'references/eight-signals.md'.
- Boundary markers: None identified; the skill does not instruct the agent to use specific delimiters or to ignore instructions embedded in the analyzed search results.
- Capability inventory: Ability to perform web searches and call financial analysis tools such as 'fetch_financials', 'fetch_sentiment', and 'fetch_kline'.
- Sanitization: No mechanisms for filtering, escaping, or validating the integrity of the external data are specified in the provided instructions. This exposure is typical for skills performing sentiment and promotion analysis.
Audit Metadata