congressman-stock-watch
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches congressional trade data from Capitol Trades (
capitoltrades.com), a well-known public service for STOCK Act disclosures. This is the primary intended data source for the skill. - [COMMAND_EXECUTION]: Executes a local Python script (
watch.py) to manage a ledger of recommended tickers. The script handles 'seen', 'record', and 'list' operations to ensure tickers are not proposed multiple times. - [DATA_EXPOSURE]: Accesses a local ledger file (defaulting to
./congress/recommended.jsonl) to store and retrieve previously recommended stock tickers. The file access is restricted to the skill's own data directory. - [INDIRECT_PROMPT_INJECTION]: The skill processes data from an external website which presents a theoretical injection surface. However, the risk is minimized by the following factors:
- Ingestion points: Data enters the context via WebFetch of
capitoltrades.comas defined inSKILL.md. - Boundary markers: The instructions provide specific parsing logic, directing the agent to extract only specific structured fields (Ticker, Member, Date, etc.).
- Capability inventory: The skill can write to its local ledger and send notifications/DMs via the agent's standard communication tools.
- Sanitization: The agent is instructed to parse for specific financial data fields, which serves as a natural filter against arbitrary text instructions embedded in the source page.
Audit Metadata