congressman-stock-watch

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches congressional trade data from Capitol Trades (capitoltrades.com), a well-known public service for STOCK Act disclosures. This is the primary intended data source for the skill.
  • [COMMAND_EXECUTION]: Executes a local Python script (watch.py) to manage a ledger of recommended tickers. The script handles 'seen', 'record', and 'list' operations to ensure tickers are not proposed multiple times.
  • [DATA_EXPOSURE]: Accesses a local ledger file (defaulting to ./congress/recommended.jsonl) to store and retrieve previously recommended stock tickers. The file access is restricted to the skill's own data directory.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes data from an external website which presents a theoretical injection surface. However, the risk is minimized by the following factors:
  • Ingestion points: Data enters the context via WebFetch of capitoltrades.com as defined in SKILL.md.
  • Boundary markers: The instructions provide specific parsing logic, directing the agent to extract only specific structured fields (Ticker, Member, Date, etc.).
  • Capability inventory: The skill can write to its local ledger and send notifications/DMs via the agent's standard communication tools.
  • Sanitization: The agent is instructed to parse for specific financial data fields, which serves as a natural filter against arbitrary text instructions embedded in the source page.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 08:14 AM
Security Audit — agent-trust-hub — congressman-stock-watch