morning-brief
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns such as code obfuscation, credential theft, or unauthorized network communication were identified. The workflow is limited to financial data retrieval.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface by fetching external news. 1. Ingestion points: News data is ingested via get_news() and get_news(symbol) in SKILL.md. 2. Boundary markers: No delimiters or instructions to ignore embedded commands are present. 3. Capability inventory: The agent has access to market data, news, and portfolio information via the mcp__vn-stock-trader tools. 4. Sanitization: No content filtering or validation is performed on the news text before processing.
- [DATA_EXFILTRATION]: The skill reads from data/watchlist.json. This is a local read of a non-sensitive configuration file used to identify stock symbols and does not constitute unauthorized data exposure.
Audit Metadata