global-finance-brief

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes external news data, creating a surface for indirect prompt injection attacks. \n
  • Ingestion points: External data is ingested through the gildata-aidata and web_search tools mentioned in SKILL.md. \n
  • Boundary markers: None are present; there are no instructions to delimit or ignore instructions within the fetched news content. \n
  • Capability inventory: The skill includes the ability to schedule recurring tasks via a cron tool and perform additional web_search queries. \n
  • Sanitization: The skill does not define any sanitization or validation steps for the external data before it is processed by the agent. \n- [COMMAND_EXECUTION]: The skill utilizes finx for time retrieval and data querying, and a cron tool for scheduling reports. These platform-provided tools are used for their intended functions within the financial reporting workflow. \n- [SAFE]: No evidence of direct prompt injection, unauthorized data exfiltration, hardcoded credentials, or malicious persistence was detected in the skill instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 06:41 AM
Security Audit — agent-trust-hub — global-finance-brief