investment-research-material-compare

Pass

Audited by Gen Agent Trust Hub on Jun 20, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill has an inherent surface for indirect prompt injection because it is designed to ingest and analyze untrusted external data.
  • Ingestion points: The marketDataLink, researchNoteText, and researchPackFile parameters in references/form-schema.json and references/skill.json allow the injection of external content (URLs, text, and files).
  • Boundary markers: No specific delimiters or boundary instructions are provided in the prompt logic to isolate external data from instructions.
  • Capability inventory: The scripts/run.py script performs network operations to the vendor's API to process the data.
  • Sanitization: The local scripts do not perform sanitization or verification of the external content before transmission to the API.
  • [EXTERNAL_DOWNLOADS]: The skill communicates with the vendor's official domain at ai-skills.ai via the scripts/run.py script to perform document analysis. This is documented and expected behavior for the skill's primary purpose.
  • [COMMAND_EXECUTION]: The provided Python runner script (scripts/run.py) uses standard libraries for HTTP requests and does not execute arbitrary shell commands or user-supplied input.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 20, 2026, 07:58 AM
Security Audit — agent-trust-hub — investment-research-material-compare