investment-research-material-compare
Pass
Audited by Gen Agent Trust Hub on Jun 20, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection because it is designed to ingest and analyze untrusted external data.
- Ingestion points: The
marketDataLink,researchNoteText, andresearchPackFileparameters inreferences/form-schema.jsonandreferences/skill.jsonallow the injection of external content (URLs, text, and files). - Boundary markers: No specific delimiters or boundary instructions are provided in the prompt logic to isolate external data from instructions.
- Capability inventory: The
scripts/run.pyscript performs network operations to the vendor's API to process the data. - Sanitization: The local scripts do not perform sanitization or verification of the external content before transmission to the API.
- [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor's official domain at
ai-skills.aivia thescripts/run.pyscript to perform document analysis. This is documented and expected behavior for the skill's primary purpose. - [COMMAND_EXECUTION]: The provided Python runner script (
scripts/run.py) uses standard libraries for HTTP requests and does not execute arbitrary shell commands or user-supplied input.
Audit Metadata