Skills
skills/duc01226/easyplatform/strategy-builder/Gen Agent Trust Hub

strategy-builder

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes data from external sources that could contain malicious instructions.
  • Ingestion points: In 'SKILL.md' (Step 1), the skill is instructed to read output from a 'market-analysis' skill or other external sources.
  • Boundary markers: The instructions lack delimiters or explicit warnings to the agent to ignore any embedded instructions within the ingested market data.
  • Capability inventory: The skill has access to high-privilege tools including Bash, Write, Edit, TaskCreate, and Read across all scripts.
  • Sanitization: There is no evidence of sanitization, escaping, or validation of the external content before it is interpolated into the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 07:25 AM
Security Audit — agent-trust-hub — strategy-builder