market-recon
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of untrusted data from Reddit, which creates a surface for indirect prompt injection.
- Ingestion points: External community posts and comments are retrieved via Reddit MCP (documented in SKILL.md).
- Boundary markers: The skill provides a structured Markdown template for output, which serves as a organizational boundary for the external data.
- Capability inventory: The orchestrator writes the gathered data to the
.godag/context/directory for subagent access. No dangerous shell execution or network exfiltration of sensitive local data is present. - Sanitization: The instructions do not specify any explicit sanitization or filtering of the fetched Reddit content.
- [NO_CODE]: The skill is composed entirely of instructional Markdown content and does not include any Python scripts, Node.js packages, or shell executables.
Audit Metadata