us-equity
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE
PROMPT_INJECTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill processes data from an external API, creating an indirect prompt injection surface.
  - Ingestion points: The skill reads API responses from mapi.matrixport.com as described in references/endpoints.md.
  - Boundary markers: Instructions in SKILL.md direct the agent to return raw JSON and avoid summarization, which helps isolate external content from the agent's internal instruction context.
  - Capability inventory: The skill has the ability to execute financial transactions and write to a local credentials file (~/.bit/credentials).
  - Sanitization: The requirement to output raw JSON serves as a functional boundary between external data and the agent's logic.
- [DATA_EXFILTRATION]: The skill performs HTTP network operations to the mapi.matrixport.com domain to manage trading and account information. This is necessary for the skill's primary function but involves communication with an external, non-whitelisted domain.
- [EXTERNAL_DOWNLOADS]: The documentation recommends installing the requests and certifi Python packages from standard registries to support API connectivity and authentication.
Audit Metadata