finhay-market
Pass
Audited by Gen Agent Trust Hub on May 8, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it ingests data from external, third-party news feeds and financial reports into the agent's context.
- Ingestion points: Untrusted content enters the agent's environment through market news summaries (references/endpoints/news.md), full global news articles (references/endpoints/global-news.md), and analyst recommendation reports (references/endpoints/recommendation-reports.md).
- Boundary markers: There are no instructions or delimiters defined in the skill to isolate this external data or warn the agent to ignore any embedded instructions within the fetched text.
- Capability inventory: The skill has access to authenticated network operations and credential management via the ./finhay.sh script, which could be exploited if the agent were successfully manipulated by injected content.
- Sanitization: The provided documentation and definitions do not indicate any sanitization or validation of the external content before it is processed by the agent.
Audit Metadata